We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

'Top threat malware lists are worthless'

Not my words, you understand, but those of Aussie security firm PC Tools. PC Tools today dismissed the 'top threat' lists distributed by many of its rivals as being too one-dimensional. And infrequent. And, you know, rubbish.

PC Tools's CEO Simon Clausen said that such lists are ill-conceived, inaccurate and over-simple. His argument is that compiling lists of threats ranked by volume alone has little relevance to the man on the street. And as a consequence, they can be counterproductive.

Visit Security Advisor for the latest internet threat news, and internet security product reviews

"Threat analysis is highly complex," said Clausen.

"There was a time when volume alone was an acceptable indicator of the level of threat.

"But the threat landscape has changed significantly and there are a number of additional parameters, besides volume, which are equally, if not more important in identifying and classifying top threats."

There is, of course, some truth in this. Particularly the irrelevance of volume when placed into context with the changing nature of what we all like to call, the 'threat landscape'. (And we like to call it that because it makes us feel big and strong and macho.)

PC Tools used Netsky as an example of such a 'top threat' that is, well, not so top. Bottom. Despite being discovered more than four years ago, Netsky still appears on 'top threat' lists. Why? Because there's a lot of it about.

But PC Tools ain't scared of Netsky. At least chief threat officer Kurt Baumgartner isn't.

"Netsky's behavioural and static characteristics are well known to analysts in the antimalware industry, and freely available antivirus technology detects and removes it with ease," he said.

Fair enough. But what does PC Tools suggest as an alternative? It is, after all, important to give users some idea of the most important dangers they are faced with. And top threat lists serve to generate media coverage which scares users into protecting their hardware (by investing in PC security software).

Volume is one indicator, according to PC Tools, but there are other, equally important parameters of threat.

The complexity of a threat, for example, and the challenge it presents for analysts. How easy is it for software to detect and remove the threat. Does it contain techniques not seen before, and how fast is it at responding to detection?

And, of course, the bottom line: what threat does a 'threat' and its payload pose. What damage can it do. Will it hurt?

This is, you'll agree, a pretty comprehensive list of parameters - it becomes clear why security vendors are happy to concentrate on volume. And anyway, an old, recognised threat such as Netsky is still a problem if punters don't patch up, and patch up good. Which is the whole point of the lists, right?

Something Baumgartner acknowledges: "Either users are failing to update their computers to protect them from these old vulnerabilities, the same systems are being reinfected or possibly that consumers are using pirated operating system software."

So, volume-based top threat lists remain massively relevant if you aren't up to date with your security setup. Still, PC Tools is adamant. Security vendors need to produce more rounded threat lists, more often.

As Clausen said today: "Top threat lists have little or no practical use for the average consumer for a number of reasons. First; they do not reflect the reality of the threat landscape.

"Secondly; they do not provide the sort of information consumers need to seek out adequate protection. Thirdly, because most vendors only release these lists on a monthly basis, at best."

Got that?

IDG UK Sites

Amazon Fire HD 6 is a really good value tablet. The Amazon Fire HD 7 isn't. Amazon Fire HD 6 and...

IDG UK Sites

Why Sony's PS4 2.0 update is every gamer's dream (well, mine at least)

IDG UK Sites

ACLU's Halloween-themed animation warns of dangers of ignoring threats to your privacy

IDG UK Sites

20 lesser-known tips for Mac OS X Yosemite: use Yosemite like an expert