ncn special story

CMYK

CMYK

National Computrade News | 30 Jan. - 14 Feb., 201222

special story

Today the security landscape has now changed. The ‘Consumer centric’ vendors are aggressively

pitching security solutions to enterprises and SMBs in India. More vendors’ means increased opportunities, new partnerships agreements and increased competition for partners to clinch

AV Solution:Always in Demand

enterprise deals. According to Gartner, the security software market in India is estimated to be US$ 209 million in 2011 and is forecasted to grow to US$ 320 million in 2014. The general security software is still seen as high growth in India as the penetration is still low and vendors are trying hard to offer different solutions such as appliances

for SWG, SIEM and E-mail Security Boundary SMB and Enterprise business will grow as

well as challenges for their cyber security are becoming more sophisticated and more and more business owners become really concerned about IT security and their companies’ data safety. Industry reports show that SMBs and SMEs are

Initially there were only viruses, so you needed only antivirus. But today there are so many insidious threats like root attacks, malware, spyware, spam, phishing, adware, etc, and users need to protect their computers and data from all of them. Antivirus has now grown to full-fledged suite to protect all threats. Emergence of multiple players has been another trend that not only gives many options to customers, but also creates a level playing field. The dynamics of the antivirus market have changed.

CMYK

CMYK

National Computrade News | 30 Jan. - 15 Feb., 2012 23

planning to increase spending on IT-security by 5-10 percent. That gives incentive to do the aggressive marketing of vendor’s SMB solutions.

New technology features to tackle the upcoming challenges and enhancing the user experience, is what all the vendors and partners are focusing on. From just being antivirus, the product is evolving into an integrated solution today. Initially there were only viruses, so you needed only antivirus. But today there are so many insidious threats like root attacks, malware, spyware, spam, phishing, adware, etc, and users need to protect their computers and data from all of them. Antivirus has now grown to full-fledged suite to protect all threats. Emergence of multiple players has been another trend that not only gives many options to customers, but also creates a level playing field. The dynamics of the antivirus market have changed.

But off-late the latest viruses are much more sophisticated and able to cause extensive and irreparable damage to files. Apparently, some viruses are able to spread themselves to other computers on the Internet or network causing widespread damage to many systems. In order to counterattack the problems caused by these viruses and to keep up with the accompanying rise of malicious web activity, a number of vendors are busy rolling out layers of updates on anti-virus.Trend of AV Market in India

Spending on IT security is increasing at a gradual pace in India, especially in enterprise and SMB segment. More organizations and even consumers are realizing the importance of securing their data. This, the market for antivirus and total security solutions, as well as the adoption of mobile security solutions is increasing. The increasing of buying capacity due to country’s economy growth and enhancing IT and smart devices penetration makes not only metro cities, by Tier-2 and Tier-3 cities a very promising market for security vendors.

“I see great potential of smartphone and tablet security market in nearest future. The quantity of these devices is growing rapidly in India, though users are still not bothered with security. The bad guys are not sleeping, whether or no. Right now there is no better target for malware authors rather than unprotected smartphone and his owner who hardly understands what threats might be

hidden in those thousands of handy applications. SMB and Enterprise business will grow as well as challenges for their cyber security are becoming more sophisticated and more and more business owners become really concerned about IT secur i t y and the i r companies’ data safety. Industry reports show that SMBs and SMEs a r e p l ann ing to increase spending on IT-security by 5-10 percent. That gives us incentive to do the aggressive marketing of our SMB solutions,” said, Pankaj Jain, Director, ESET India (ESS Distribution Pvt Ltd).

Jagannath Patnaik, Director Channel Sales, Kaspersky Lab - South Asia, said, “ We are seeing a growth in paid usage of Antivirus market in India especially in PC and laptop segment, however the

AV market for smart phones is still at a nascent stage. The awareness of using a licensed AV has increased thanks to the mass campaigns in radio and Print. The Av market is directly proportional to PC shipments and in last quarter we have seen a dip in PC shipments which is bit worrying factor. Besides this there are some free downloadable AV's which can be good if user is a geek but for normal user I would suggest to go with a paid AV due to the fact that such users need post sales support in the event of any Malware attack.“

“Security issues have intensified not only for individuals but also for companies who rely on Internet to remotely access data. Organizations can no longer rely on basic network security and have realized the need to protect their employees' devices from attacks that can affect the network security of the organization. A lot of demand is also seen from the SMB segment. Awareness amongst users has increased as people are becoming targets

of p h i s h i n g scams and identity thefts more than ever b e f o r e , ” s a i d , A m i t N a t h C o u n t r y Manager India and SAARC, Trend Micro.

The Internet is an integral part of everyday life, and consumers are going online to conduct daily activities and stay socially connected – from both the PC and other connected devices such as smartphones and tablets. “We realize that the consumers are entering the new era of technology where the PC is moving from a central role in consumers’ Internet experience to one where it still occupies an important position, but is surrounded by other devices that consumers will additionally use to enjoy the Internet. However, cybercriminals are also following the crowds and looking at new methods of exploiting these platforms: we observed a 42 per cent increase in mobile vulnerabilities in 2010, and this is sure to grow,” said, Effendy Ibrahim, Internet Safety Advocate & Consumer Business Lead, Asia, Norton.

“Indian security software market is estimated to be US$ 209 million in 2011 and is forecasted to grow to US$ 320 million in 2014 according to Gartner. With its steady growing customer base, today, India is no doubt one of the largest, graded and varied markets for Anti-Virus solutions in the world. The increasing sophisticated and complex threats have increased the awareness amongst the

special story

Mr. Jagannath Patnaik, Director Channel Sales, Kaspersky Lab - South Asia.

“We are seeing a growth in paid usage of Antivirus market in India especially in PC and laptop segment; however the AV market for smart phones is still at a nascent stage. The awareness of using a licensed AV has increased thanks to the mass campaigns in radio and Print. The Av market is directly proportional to PC shipments and in last quarter we have seen a dip in PC shipments which is bit worrying factor. Besides this there are some free downloadable AV's which can be good if user is a geek but for normal user I would suggest to go with a paid AV due to the fact that such users need post sales support in the event of any Malware attack.”

CMYK

CMYK


special story

I T users about security solutions. Hence, the demand of security software that provides multi-level protection is on the rise across all the segments,” concluded, Sunil Kripalani, Senior Vice President – Global Sales & Marketing, eScan.Products in Demand

Indian users are most vulnerable to worms and viruses spreading through Internet and storage devices, mostly USB flash drives, very often because of vulnerability in the operating system which is not patched or is not protected with up-to-date security software.

“In the latest version of ESET flagship products for consumer segment we included Removable Media control tool which is very demanded by the customers, according to the feedback from the market. In general I would say not only antivirus but total security suites, as for example ESET Smart Security, including Firewall, Antispam, Parental Control tools and many other features are demanded by customers today,” said, Jain of ESET India.

“Consumers are becoming targets of phishing scams and identity thefts more than ever before. This has increased the awareness amongst users about security solutions. Therefore, the demand has increased noticeably of various antivirus and mobile security products,” said,

Nath o f T rend Mic ro .According to the Norton

Cybercrime Report 2011 has shown that the most common types of cybercrime in India are computer viruses and malware (60 per cent), online scams (20 per cent) and phishing (19 per cent).

“We also observed a significant rise in mobile-related crime: 17 per cent of Indian users experienced this compared to 10 per cent globally. As attacks become more sophisticated and prevalent, consumers in India are looking for comprehens ive and reliable online security solut ions that help address security threats of today and provision

for the changing security landscape in the future, and they see the value of our broad portfolio

of products. Consumers are also beginning to understand that point solutions do not offer complete protection and are not capable of protecting against the rapidly increasing volume and proliferation of new malicious code threats. That’s why we are seeing rising demand for our latest Norton 2012 products, which use the path breaking reputation-based technology to stop new, never-seen-before malware. We are also seeing growing popularity for our free tools such as Norton Safe Web for Facebook, which scans your wall for malicious or spammy links,” said, Ibrahim of Norton.

“Further, with consumers using multiple devices to access the internet, they are looking for a simplified user experience where information and many devices can be protected on a single subscription. For example, Norton Management – built into Norton 2012 products – allows consumers to manage security across many PCs

regardless of where they are,” added, Ibrahim.Today, the most common attacks across all

the segments are social engineering techniques. According to the current security landscape, currently, a large number of enterprises are adopting cloud services, based on virtualization technologies, as a business model that has led to increasing complex security threats. Large networks have become more predominant increasing data theft, network downtime and financial loss due variety of threats such as automated ‘drive-by’ attacks, DDoS attacks, Malware-as-a-Service and Advanced persistent threats (APTs). In addition to insider threats and the risks associated with insider breaches, threats like Stuxnet and Duku are an alarming danger to these large networks that are capable of data extrusion. The increasing user-base of Mac, Smartphones and Tablets is also leading to increase in vulnerabilities.

“According to the current situation, be it Windows, Linux, Mac or Smartphones and Tablets all are vulnerable to cyber threats. Hence, products that cater to the security needs of the IT users against the growing security landscape, across all the segments are in demand,” said, Kriplani of eScan.

“The products which can be effectively used are Kaspersky Internet Security, Kaspersky PURE - Total Security, and for starters whose internet activity is minimal Kaspersky antivirus. For Smart phones Kaspersky Mobile security. For enterprises Kaspersky EndPoint Protection 8.0 for Windows,” concluded, Patnaik of Kaspersky Lab.Most Dangerous Threat

“Another most common malware in India is INF/Autorun (uses autorun.inf file as a way to compromise a PC) and Win32/Sality.NBA, a virus which infects executable files. It is dropped in the computer by Worm Win32/Sality.AU anf spreads itself to removable and remote drives. At the same time a dangerous threat such as Win32/Conficker worm, exploiting recent vulnerabilities in the Windows operating system, which was claimed last year to infect more than 12 mln computers worldwide, has not yet been that active in India. Apart from malware, users have to be aware of scams and other social engineering tricks on social networks and in spam emails. Social engineering and search poisoning are very successful in India, due to the lack of cyber security awareness, I guess,” elaborated, Jain of ESET.

“India has been the one of the fastest growing business for ESET for the last couple of years, we are growing more than 100% every year. Right now our primary focus is on the SME segment. We are aiming to capture 10 % market share in the next couple of years. This market is highly competitive, with more than 20 players, and very price sensitive. To achieve a position in the top-5 security brands in the Indian market we are always aggressive in various marketing activities targeting both channel partners and end-user. This year we’ll be focusing on innovative BTL and SMM activities which will help to increase ESET’s brand recall and awareness in the market.”

Mr. Pankaj Jain, Director, ESET India (ESS Distribution Pvt Ltd).

CMYK

CMYK

National Computrade News | 30 Jan. - 15 Feb., 2012 25

“There are some dangerous threats for mobile platforms, including SMS Trojans that cause the infected device to send text messages to premium numbers (that cost the phone user money while generating profit for cyber criminals), mobile spyware and so on. On corporate and government level, specific malware designed to attack specific targets as famous Stuxnet did last year is likely to become more sophisticated. Right now we're seeing Duqu worm, based on Stuxnet, and there is a high probability we will see more of this kind of threat in coming years,” he added further.

According to Kriplani of eScan, “Behind every threat, there is an intention. Hence, no threat can be neglected. It is difficult to pinpoint or categorize threats, as the loss due to them is unpredictable.”

“The volume of mobile malware, specifically those targeting Android-based devices, along with the number of highly targeted attacks (aka APTs) is increasing a great pace. Cybercriminals are limiting their focus in terms of target—by region or by industry as data breaches and attacks. However, in an attempt to not just keep up with but to stay ahead of cybercriminal efforts, Trend Micro researchers are striking deals with law enforcement agencies worldwide to gain even more wins this year,” said, Nath of Trend Micro.

“We expect to see the following events and trends next year in the field of cybercriminal activities: Like, Cyber weapons like Stuxnet will be tailor-made for specific cases only. Cybercriminals will increasingly use simpler tools, such as kill switches, logic bombs etc. to destroy data at a required time. The number of targeted attacks will continue to grow. Cybercriminals will begin using new infection methods, as the effectiveness of existing methods diminishes. The range of targeted businesses and areas of economic activity will expand. The year 2012 will see cybercriminals writing mobile malware that primarily targets Google Android. We expect to see an increasing number of attacks exploiting vulnerabilities as well as the first mobile drive-by attacks. There will be more and more cases where malware is uploaded to official app stores, primarily to Android Market. Mobile espionage will become widespread; this will include stealing data from mobile phones, and tracking people using their telephones and geolocation services. In 2012, attacks on online banking systems will

be one of the most widespread methods used to steal money from users. South-East Asia, China and East Africa are particularly at risk. Multiple attacks on various government institutions and businesses will be carried out all over the world. Hacktivism may also be used to conceal other types of attacks,” concluded, Patnaik of Kaspersky.Is it mandatory to renew Anti-Virus software regularly?

“Cybercrime is evolving at a rapid pace – with an average of nine new threats created every second in 2010. These threats have also become more stealthy and sophisticated. With a current security subscription, updates are delivered to the user regularly and frequently. However, going a day without updates would potentially expose the user to 777,600 new threats (9 * 86,400 seconds/day). Any one of these threats could expose your identity, help cybercriminals steal your

money and reveal your most private information. That’s why it’s important to ensure that you renew your security subscription: it’s a small investment for the peace of mind that comes with being able to surf the internet safe ly and conf ident ly ,” said, Ibrahim of Norton.

Amit Nath of Trend Micro, said, “The license period of antivirus software is one year, which is 365 days f rom the t ime that your current key w a s s y n c h r o n i z e d with the ant iv i rus company’s servers. If you do not renew your subscription, t h e s o f t w a r e wi l l s top work ing w h e n t h e s u b s c r i p t i o n e x p i r e s a n d your computer wil l not be protected.”

“It is essential to renew AV software. Security product downloads Virus Signature Database updates daily. These updates ensure that you are protected against the latest known threats

that could potentially harm your machine. The updates consist of the latest released malware signatures which are added to your product's database. Protecting the system by comparing incoming code to a list of “known bad code” (your updated signature database) is the basic strategy, While the alternative one, often employed in parallel, is heuristic detection, i.e. identifying code as potentially malicious based on everything that malware experts know about current and future malware. Well-written heuristic detection systems have a good track record of preventing infections by previously unknown malware, even malware that seeks to exploit zero-day vulnerabilities,” said, Jain of ESET.

Patnaik also opined that Antivirus software is dynamic software which needs to update daily and some times very often due to threat landscape and as such this needs to be subscribed on yearly or term based to get latest updates.

“If the Anti-Virus license is expired, it is equal to having no protection at all, as the software will not be updated further since it last update. This leaves the computer vulnerable to latest malicious threats. Hence, to have the updated version of

Anti-Virus that provides real-time

protection from ever growing security threats, it is necessary to renew the Anti-Virus software,” concluded, Kriplani of eScan.Preparation of Future Threat

“No matter whether it is platform, one has to

special story

Mr. Amit Nath Country Manager India and SAARC, Trend Micro.

Cybercriminals will act with even more persistency and sophistication, as the world shifts from the PC-centric desktop toward mob i l e and c loud computing. The repercussion for IT administrators will be an imperative to approach security with a data-centric framework – protecting the data, not just the systems. Users must continue moving toward a more data-centric model for effective security and privacy as they embrace consumerization, virtualization, and the cloud.”

CMYK

CMYK


special story

be aware that mobile/smartphone are prone to viruses, SMS Spam, Spyware or data loss. ESET researchers had identified more than 40 major

m a l i c i o u s

codes (and variations) for this platform, 30% of these threats were made available for download in the Android Market, 37% are SMS Trojans and 60% of the malicious codes have some botnet characteristic, i.e. some kind of remote control over the device. That makes demand for products for Smartphones and tablets, such as for example ESET Mobile Security, growing in geometric progression,” said, Jain of ESET India.

“The threat landscape is getting complex and we experience nearly 70K different malwares appearing on daily and as the internet usage goes up this will further complicate things. The user must have self discipline and use common sense similar to physical security. Never click on any attachment which is not from a trusted source. Must have whitelist and blacklist on mail addresses and web sites, Use latest AV solution, Never keep Blue tooth open when not needed and Never use public WiFi / Internet cafe to do financial and confidential transactions,” suggested, Patnaik of Kaspersky Lab.

“Cybercriminals will act with even more persistency and sophistication, as the world shifts from the PC-centric desktop toward mobile and cloud computing. The repercussion

for IT administrators will be an imperative to approach security with a data-centric framework – protecting the data, not just the systems. Users must continue moving toward a more data-

centric model for effective security and privacy as they embrace consumerization, virtualization, and the cloud,” said, Nath of Trend Micro.

“We realize that the consumers are entering the new era of technology where the PC is moving from a central role in consumers’ Internet experience to one where it still occupies an important position, but is surrounded by other devices that consumers will additionally use to e n j o y t h e I n t e r n e t . Increasingly, people want access to their valuable stuff – photos, music and videos – as well as private information on all the

devices that they are using, and we are seeing the cybercriminals too are following this trend.

We have already seen a 42 per cent increase in mobile vulnerabilities and as more internet-connected devices grow in popularity, the threats are likely to spread too,” said, Ibrahim of Norton.

“That’s why our initiatives for the future include Norton Everywhere: a first step toward building a significant business beyond the PC. Norton Everywhere has three main components: Mobile, Norton DNS, & services for Smart Devices, meaning that consumers can trust the protection of Norton everywhere – across many locations, devices and digital experiences. The offerings are delivered direct to consumers, as well as through new business-to-business offerings. For example, Norton DNS provides a safer, more reliable, and faster Internet experience by delivering a variety of basic protection services like antiphishing, antimalware and anti-spyware

via Norton verified web filtering. This means regardless of the device, users are protected. In the immediate future, we are seeing increasing interest among cybercriminals in the popular social networking medium. With 1 in 2 Indians saying they would lose contact with friends without social networking sites, cybercriminals are leveraging these platforms to trick users and make money. Some of the threats that are rising in frequency on social networking sites include “like-jacking”. Just about anyone who has a social networking account has seen them: Innocuous-looking, yet dangerous links posted to the Wall of one of your friends inviting you to watch a video of a famous movie star caught cheating, the Osama bin Laden raid or any number of other topics. On a bad day, you may see the same link posted on the Wall of several of your friends, each friend inadvertently passing on the infection to those gullible enough to click on the link,”Ibrahim added further.

According to the Symantec Internet Security Threat Report XVI, attackers are already leveraging the news-feed capabilities provided by popular social networking sites to mass distribute attacks. In a typical scenario, the attacker logs into a compromised social networking account and posts a shortened link to a malicious website in the victim’s status area.

“eScan powered by highly sophisticated Heuristics Algorithms that detects unknown viruses, thus providing advanced protection from zero day threats. eScan’s fastest automatic updating system safeguards it users from new and emerging threats,” concluded, Kriplani of eScan. USP of Brand

Today situation at the market is indeed deplorable. The majority of tools offered today cannot be identified as anti-virus software proper; it seems, at best, that they have been developed by pretty bright high school undergraduates each of whom claims to be the leader?. The threshold level of admission to the anti-virus club has dropped considerably, with primitive script virus fighters coming to the fore to lead the way.

“Its enhanced Firewall on both the Server and the Client with predefined rule sets at the client monitors and logs all incoming and outgoing traffic according to the policy defined for the client. Along with this eScan provides sophisticated file blocking & folder protection as well as faster and

Mr. Effendy Ibrahim, Internet Safety Advocate & Consumer Business Lead, Asia, Norton

“Today, consumers need layers of protection to keep safe online, and this requires several security technologies. The advantage of a subscription-based security suite such as Norton is that customers have full protection in a single, easy to use and manage product. They also enjoy regular security updates to ensure they are constantly protected against emerging threats. And customers receive support directly from the vendor as part of the subscription, which they do not enjoy from a freeware solution.”

CMYK

CMYK


intelligent on-demand scanner. eScan’s exclusive advanced eScan Anti-Virus Toolkit (MWAV) is a FREE, intelligent and powerful Anti-Virus utility that enables fast and hassle-free scanning of computers without installation and can be run directly from anywhere, on your computer, USB Drive or from a CD ROM. We also offer the technical support to our customers through remote support, one of its kinds to resolve the issues faced by eScan users at the fastest possible time-frame,” said, Kriplani of eScan.

“As the market leader for security, we are constantly raising the bar for the industry to provide consumers the fastest and most effective security. As such at Norton, we are constantly innovating to protect our customers from the sophisticated threats of today and tomorrow. That’s why our products come with reputation technology, which takes the greatest weapon cyber criminals have in their arsenal – their ability to generate unique pieces of malware at an alarming rate – and turns that very weapon against them. We invest 13 percent of total annual revenue in research and development. The latest Norton Internet Security 2012 and Norton Antivirus 2012 exceed our already industry-leading benchmarks for protection and performance and are a result of our commitment to providing consumers with the fastest, lightest and strongest protection against today’s complex threats,” said. Ibrahim of Norton.

Norton 2012 brings key new features to address the latest threats and powerful protection against one of today’s greatest consumer concerns: ensuring online personal information remains confidential. Additionally, Norton brings a powerful combination of reputation, fi le, behavior and network based protection to provide the most comprehensive security to date. For the second year in a row, N o r t o n p l a c e d f i r s t in overa l l protect ion according to testing from AV-Test Institute. In addition, Norton Internet Security 2012 ranked fi rst

in overall performance testing by both PassMark Software and AV-Comparatives. According to Symantec’s internal testing, Norton 2012 even outperforms the award-winning 2011 version with 30 percent faster scans, 17 percent faster boot time and 24 percent faster fi le copying.

“Trend Micro’s Titanium 2012 is a multifaceted

boon for consumers. Our unique cloud computing architecture leverages a global network of threat intelligence sensors, email, Web, and fi le reputation technologies that work together to dramatically reduce infections. It’s a major upgrade for our customers, for Trend Micro and for the industry. Titanium 2012 is powered by Trend Micro Smart Protection Network, which gathers and analyses threat data, blocking viruses and other malware before they can reach the PC. Because the processing is done “in the cloud”, Titanium is quite light on the system resources and uses less of the PC’s memory and disk space, so it won’t slow the PC down,” claimed, Amit Nath of Trend Micro.

“ESET is technically strong product. Having very light footprint on the system, which is important both for home PC and for business

special story

servers and workstations, ESET technology gives the best protection from all kind of malware. Threats evolve constantly to evade detection by signature-based antivirus solutions. Unlike conventional AV that depends on signature updates alone, ESET uses both ThreatSense signatures and advanced heuristic scanning. ESET’s Threat Sense Advanced Heuristics engine enables detection of malware not specifi ed in the signature database. The primary advantage of the heuristic-based model is not only its ability to detect variants or modified forms of existing malicious programs, but also new previously-unknown malicious programs. ESET Smart Security and ESET NOD32 Antivirus use heuristics to detect both known and unknown threats and malware, using two forms of heuristics, passive and active. These are words, but here are some numbers as well. ESET also has received its 71st VB100 award from Virus Bulletin, another independent research organization. So by today ESET NOD32 Antivirus holds the world record for VB100 Award wins among all security vendors,” said, Jain of ESET India.

“We have probably the highest license renewal rate in industry, 80%, over the last 3-4 years that we’re present in India,” added, Jain.

“We have an user base of more than 300 million and the technology such as Hybrid protection which optimally uses Cloud as well as PC technology gives optimum protection. Commercially also we have very competitive pricing our Antivirus is priced at 599/- for single user and 1199 for 3 user,” concluded, Patnaik of Kaspersky Lab.At Last

Unfortunately, because new viruses are being developed every day there will always be a need for up-to-date antivirus protection. Furthermore, these viruses are becoming increasingly complex and diffi cult to discover, and as a result the growth in virus attacks is set to continue. A return on investment is diffi cult to calculate for antivirus software because, once installed, it will not immediately decrease costs or improve effi ciency.

The relationship between signature-based antivirus companies and the virus writers is almost comical. One releases something and then the other reacts and they go back and forth. It's a silly little arms race that has no end.

“There is a huge difference right from the level and quality of protection provided by free Anti-Virus and that by the paid ones that are known as the licensed ones. Free Anti-Virus software’s usually provide with the basic level protection and perhaps a scan for malicious threat, often with limited or no technical support available. However, with the licensed ones, that are intended to be one-stop security shops provide dedicated technical support, updated version, latest virus updates regularly, additional features and tool that keep system running at optimal level as compared to offered in the free versions.”

Mr. Sunil Kripalani, Senior Vice President Global Sales & Marketing, eScan

ncn special story

Documents