The Middle East, especially Iran, has been under cyber-attack for several years. Trojans, spywares and worms such as Stuxnet, Duqu, et al, have wreaked havoc on Iranian computer networks, especially the ones connected to the nuclear programme, in the past.
Latest reports suggest computers, especially in the Middle East, are being targeted by highly sophisticated malwares. The complexity of the spyware makes security experts believe that only a nation can sponsor such initiative, given its sheer sophistication and obscure nature. The flame malware has evaded detection since the last 2 years.
Arabian Gazette’s team caught up with Aji Joseph, General Manager ESET Middle East, to discuss how we can protect our PCs from virus and malware attacks, why we still need antivirus softwares installed and updated on our PCs, and what we can do to avoid from getting our PCs infected with malware.
Some experts have said in the recent past that ‘the anti-virus is dead’. What is your take on this ?
Antivirus is the first level of defence against malware and it is mandatory to have an updated anti-virus running on your system to stay protected. Our research labs get millions of malware samples every day and it is not possible to stay protected without a good antivirus solution against all these threats. Even though antivirus softwares do not guarantee safety from all malicious applications, they definitely offer an extra layer of security as products like ESET detect a substantial amount of malware proactively. An expert can reduce the risk of getting infected by not visiting unknown websites and staying away from attachments sent by strangers.
However, it is not advisable to work without an antivirus as the attack vectors have now increased. Internet remains the primary source of malware and it also gets circulated using USB drives and external hard disks. Only a good antivirus solution can protect you against these threats. Most individuals and many companies don’t know the technology well enough or simply don’t have the time or capacity to use the sort of complex tools that security experts use to stay away from antivirus. Antivirus still remains the most important tool against malware.
How does ESET differentiate itself from other vendors? Are there any specific technologies or capabilities which ESET has got and not your competitors?
ESET NOD32 Antivirus and ESET Smart Security use advanced heuristics that help detect new and unknown threats. ESET also uses cloud-powered scanning technology to improve the performance of the products. We have always done well in independent antivirus tests because of this. Also the products are lighter and faster compared to many other products available. ESET also holds record for the highest number of Virus Bulletin “VB100%” awards.
Some security experts themselves say that 100% security is a myth. Can ESET products promise 100% protection? What are the major issues with making such promises, if any?
Nobody can guarantee 100% security. Malware writers exploit the vulnerabilities in operating systems, applications etc. and it is not possible to prevent this from taking place. ESET uses advanced heuristics that proactively detects a substantial amount of new malware. ESET is a leader in proactive threat detection.
When free anti-virus products like AVG and Avast is available and provides similar features and protection compared with their commercial competitors, why should anyone pay for an anti-virus product?
Antivirus is the first line of defence against cyber threats and it is recommended to use a paid security product as it offers many more features including a customer support line. On the contrary, a free product – in most cases – is a “cut down version” of its paid sibling and as such does not include any support. In addition to this, a fully licensed paid software provides a much faster response against new and emerging threats, since security professionals work round the clock to provide the best pro-active protection. The nominal fees charged for such services and support is a worthwhile investment for company of any size and, if one considers the risk involved in getting infected. Troubleshooting an infected network may mean network downtime. This equals to less sales/revenue and as such a much higher cost scenario will unravel just before us. Therefore, being proactive is better.
How is the malware threat landscape evolving and what is ESET doing about it?
Malware attacks worldwide are on the rise and many of them have become very sophisticated. Money still remains the main motive behind many of these attacks and we have also seen some attacks targeting some specific industries recently. ESET has recently opened a malware research centre in Montreal, Canada, in addition to research centres in San Diego (US), Buenos Aires (Argentina), Singapore, Prague (Czech Republic), Košice (Slovakia), Cracow (Poland), and Moscow (Russia). Our researchers work 24 hours, 7 days a week, to protect our customers.
Can you brief us on the some of the latest trends and happenings in the security world and the latest technologies and products that ESET is planning?
Attack vectors have increased as more users are accessing internet from tablets and mobile devices and malware writers have started targeting the same. ESET has launched new version of ESET Endpoint Security and it comes with features like Antivirus, Antispyware, Antispam, Firewall, web control, removable media control etc. We also have ESET Mobile Security that supports Symbian, Windows Mobile and Android platforms. We are also coming up with the new version of ESET Cybersecurity for Mac.
With virus and malware threat landscape fast changing and security companies catching up with it, how complex are things turning out to be…especially for users to understand, configure and use these security products on their systems ?
Cyber security is very important in IT today as more and more individuals and corporate customers are getting targeted by cyber criminals. It is important to have a good security policy in place for organisations. Also the employees should be trained on the same so that they follow these security policies. It is also important to make sure that individuals and organisations use a good security software such as ESET Smart Security with advanced functionalities such as IDS/HIPS and firewall. Also remember to update your security software with the latest signatures on a regular basis.
It is a reasonable assumption to make that most of the companies already have some end-point security products installed on their PCs and are hopefully updated regularly. Why should they switch it to your product?
Organisations generally change their endpoint security solutions when they are faced with problems. ESET Endpoint Security has one of the best proactive detection in the industry and it is very light on system resources. Also, it uses less bandwidth in corporate networks and thus improves the efficiency of the network. It is also easy to deploy and manage.
How does your product reduce the time, pain, and cost of managing IT security in an organisation?
ESET Endpoint Security has one of the best proactive detection capabilities in the industry and it is very light on system resources. Also it uses less bandwidth in a corporate network and thus improves the efficiency of the network. As mentioned earlier, ESET Endpoint Security is easy to deploy and manage.
What advice would you give our readers in order to protect and keep their systems safe?
We would recommend the following tips:
- Be careful while connecting to internet using Wi-Fi. Make sure that you connect to networks that are secure and password protected. Prefer a WPA instead of WPE connection
- Use a good security software such as ESET Smart Security with advanced functionalities such as IDS / HIPS and firewall. Also remember to update your security software with the latest signatures on a regular basis
- Make sure that your operating systems and any other applications have the latest patches installed
- When using unknown networks; avoid visiting sites that require a password. At the very least enforce the use of a secure SSL connection
- If you are connecting from a public Wi-Fi to your office or data storage site, use a VPN connection if possible. Always use strong passwords for your accounts and systems
- Keep your sensitive data encrypted or at least password protected