14 DAY TRIAL // World renowned security solutions provider ESET has recently updated its Windows and Mac products. In addition, the company has also analyzed some interesting cyber threats over the past period.
That’s why we’ve asked some of their experts to offer some insight regarding their latest solutions and the recent developments in the world of cybercrime.
Juraj Vanko, global product marketing manager, Juraj Malcho, chief research officer, and Róbert Lipovský, malware researcher, have been kind enough to answer our questions.
Softpedia: You have added an Anti-Theft feature to Smart Security 6 that appears to be highly welcomed by many of your customers. Do you plan on adding other features in the upcoming releases? For instance, sandboxing, virtual keyboard and remote assistance haven’t been implemented yet.
Juraj Vanko: The Anti-Theft feature adds another layer of protection to our customers’ devices and expanded the protection of ESET Smart Security® 6 to the real world.
Both ESET Smart Security 6 and ESET NOD32® Antivirus 6 now also come with the ESET® Social Media Scanner, which extends protection to the social network environment and with much improved Anti-Phishing module that eliminates social engineering-based attacks.
ESET Research and Development team is continuously working on ESET home and business products, as will be reflected in the upcoming 2013 launches.
Softpedia: Is there any section of Smart Security 6 that you feel still needs to be improved?
Juraj Vanko: There is always room for improvements. The world of malware is changing fast and we have to deal with more and more sophisticated attacks targeting not only PCs but also online and social presence of our customers.
Our developers are constantly improving detection and protection methods and working on new features, which will bring even more protection. As soon as they will be finished and tested, we will roll them out worldwide.
Softpedia: Maintaining a low level of false positives is highly important for security products. In its latest report, AV-Comparatives named ESET among the best in the “low false positives” category. What is your secret to making sure your products don’t bug users with too many false positives?
Juraj Malcho: The best thing about ESET® consumer products is that you install it and forget about it. We don’t want to bother our customers with popup messages or other annoying calls to action. We are developing the products with this philosophy in our mind.
There is a lot of work behind and we have always been very keen on creating a very accurate detection technology, with a clear focus on quality rather than quantity. This is further supported with our Cloud-based ESET LiveGrid® Technology which provides our Malware Research Lab specialists with valuable and timely feedback.
Softpedia: We know you’ve recently updated your products for Mac computers. Up until the Flashback Trojan, Mac users hadn’t been too concerned about the security of their devices. Have you noticed an upwards trend since the Flashback incident? Are more Mac users installing security software than before?
Juraj Vanko: We consider Mac® OS as one of the safest operating systems; however, the Flashback Trojan proved that the growing Mac® user base attracts the attention of cyber criminals increasingly. Our data from the US market has shown that the Mac® users are more and more interested in this topic.
That’s the reason why ESET researchers have created the Straight Facts about Mac Malware’ microsite, where you can find all information about threats dating back to 2004. The microsite was published along with the new line of ESET solutions for Mac computers: ESET® Cyber Security and ESET® Cyber Security Pro.
Softpedia: Why should Mac users install antivirus software? Is there a present threat or should they install it just as a precaution?
Juraj Malcho: The number of threats targeting Macs is still negligible compared to Windows. In recent years, ESET Malware Research Lab has detected and identified over ten new malware families targeting specifically Mac® OS platform.
The amount of these threats is still rising and the truth is that no operating system is 100% secure. Even if it was, vulnerabilities in applications, such as Java/Java Virtual Machine, can be exploited by malware.
A high-performing antivirus adds layers of security, decreasing the exposure to potential threats. The Mac malware development dates back to 2004 and the entire timeline is captured in “Straight Facts about Mac Malware” microsite.
Softpedia: Apple is known for using XProtect in newer versions of its Mac operating system to remotely update computers’ malware definitions. Is it necessary for security companies to step in (i.e. before Apple works its magic)?
Juraj Malcho: The more layers you have, the better protection you get. Security companies have years, even decades of experience and top security experts within them are now focusing on new-ish platforms.
More eyes see more stuff; different vendors see different things, the technology being used is different from case to case, the response time is different – one is faster than the other. Again, there is a similar situation with Windows platform: Is Microsoft Essentials enough for your security?
Softpedia: If we were to make a comparison between the recent iOS jailbreaks and Windows exploits, which one would weigh more in terms of complexity?
Juraj Malcho: Basically, it depends on the particular exploit you want to compare. Way more exploitation is going on in the world of Microsoft® Windows, it has been out there for a longer time, more people are involved, there’s much more experience.
Overall, it’s quite complex to root an iPhone and very likely it will become harder and harder. Windows is a wider platform and so theoretically there are more weak points. When it comes to bypassing modern security features (ASLR, DEP etc.), once it has been done by one attacker, others can start using similar techniques to find solutions to another “problem.”
Softpedia: Over the past months, ESET researchers have been monitoring and studying a number of threats such as PokerAgent and Jabberbot. Why is it important to analyze and keep track of these less widespread pieces of malware?
Juraj Malcho: ESET researchers are dealing with thousands of samples every day. Some of them commonly occur in-the-wild, but some are exceptional.
Some malware can only be highly dangerous when widespread, and some threats can cause significant damage even within a relatively small base – such as ACAD/Medre.A, which has stolen blueprints from Peru and sent them to e-mail accounts in China or Win32/Georbot which was targeting Georgian nationals.
Softpedia: You’ve been tracking threats all over the world. Is there any particular country or region where cyber threats have recorded a significant evolution over the past period?
Róbert Lipovský: In the past year we haven’t observed any dramatic evolution restricted to a particular region. But a good example of malware that has evolved (and, in a way, also in a geographical sense) in comparison to the variants from a couple years ago, is ransomware – malware families such as Win32/Reveton, Win32/Lockscreen, Win32/Ransom and others.
A few years ago, this kind of malware was typical for Russian-speaking countries, but nowadays, with the appearance of “police ransomware,” we see localized versions for many European countries.
And that’s not to mention the increased scare-factor in these variants and the fact that the authors are greedier – the typical extorted amounts nowadays are about 100 EUR/GBP/etc. which is about 10 times more than it was 5 years ago.
Softpedia: At the end of 2012, many experts claimed that in 2013 we should expect Africa not only to be targeted by cybercriminals, but also to become a safe haven for them. Do you agree with these predictions?
Juraj Malcho: Africa has been a safe haven for cyber criminals since ever – think of the Nigerian 419 scams.
Also, the truth is that law enforcement around the world are building contacts and cooperating more and more, even with the notorious East European countries – so criminals are starting to feel the heat. And well, so far, African state officials are missing in the dialogue.