
Security against increasing malware in recession times

Written by Juan Santana
February 27th, 2009

Reading Byron Acohido's blog post as well as the post on PandaLabs about the incredible rise of financially motivated malware, I thought about the impact this epidemic would have on the financial industry and how it could not happen at a worse time. Banks of all sizes are dealing with a complex regulatory compliance environment, high-profile data breaches and an uncertain economy that has caused many to place IT budgets on the back burner, to say nothing of security budgets. The financial sector is facing enormous pressure at a time when even the most established firms are now looking for ways to survive.

As members of the business community, security vendors must take a leadership role in mitigating the risk of cybercrime to the financial industry by placing an emphasis on creating new detection and surveillance frameworks. Anything less could worsen the already delicate state of consumer confidence. Although each antivirus vendor does its best to protect against newer and more complex threats, some methods seem to be better adapted and more scalable than others. To be certain, being as innovative as the malware creators is simply not enough in these times.

As an example of this approach, Panda Security made a decision a few years back that was unusual at the time. Instead of spending resources on thousands of engineers to process the incoming samples sent in by users, we invested heavily in a system that automated the collection, classification and remediation of suspicious files. This seemed counterintuitive at the time, as manual classification of threats was the standard, as it had been for over a decade. The next step was to facilitate the storage of malware traits in the cloud and perform the detections there; thus Collective Intelligence was born. Suddenly it was possible to process and detect enormous amounts of malware at a much faster rate. In time, this approach was validated when the explosion of financially motivated malware arrived. An ever-increasing static signature file on the end user machine now seems like a quaint relic from a more innocent time before malware became serious business.

Now, as each vendor scrambles to create cloud security with varying degrees of success, the malware authors have begun to borrow tricks from the past, developing more complicated methods to evade detection in an effort to overwhelm those laboratories still processing malware like in the old days. You can be sure that Panda Research is already working on the next improvements in detection technology to combat the bad guys of tomorrow and do our part to keep the economic machine from slowing down.
