Sabtu, 29 Desember 2012

Why Antivirus Virus Detection Failed Spy ?


Virus spies, like Flame or Stuxnet, spread long before antivirus products detected. There are some things that are believed to be factors causing the failure of antivirus detect it.
It was raised Alfons Tanujaya, antivirus specialists Vaksincom, when contacted KompasTekno, Monday (04/06/2012).
He noted that there are at least three antivirus industry failures that occurred recently: Stuxnet, Duqu and Flame.
Even Flame is believed to have done the action since 2007. That is, there are about five years these malicious programs antivirus undetected.
However, Alfons said that failure can be fully understood. Because the world is focused antivirus manufacturers to counter the threat of a widespread (bulk).
Moreover, virus spy like Flame or strongly suspected Stuxnet is a product of government agencies. Obviously its resources in making this virus more widely.

The three levels of the virus

Alfons likened, at least there are three levels of the virus in the world. First, the level of student motivation to create a virus for fun.
Secondly, the level of company that is making a malicious program with the goal of making money. "It just has to make the antivirus vendors 'sweating' pursuit of agility the virus," says Alfons.
Well, the third level is the government agency who may have access to funds and time is practically unlimited. Moreover, the virus was created with the purpose of espionage.
Alfons example, Flame uses SSL port 443 traffic to protect her. This is difficult because during the port 443 used by the e-banking services.
"Antivirus products which are less work scanning traffic on port 443? Wong-scan only the contents encrypted and can not be interpreted," he said.
Another thing, Flame is said to be cross platform programming language called LUA Scripting. A tools "expensive" according to Alfons only usually used at the corporate level.

Who's afraid of a spy virus?

Fortunately, like Flame or Stuxnet virus created specifically with specific goals anyway. This means that most users will not be a target of this malicious program.
"99 percent of Internet users do not lay directly threatened, and not the target of this virus," said Alfons.
It is precisely those who need to pay extra attention to the presence of the virus is a government spy. Specifically, the Department of Defense and intelligence agencies official.
This is because the virus spies have many purposes. One is to dig vital information from certain institutions.
Alfons was confirmed, these viruses can not be solved simply by installing antivirus. There needs to be security measures in order to anticipate the further existence.
So, back to the agency concerned to determine whether these threats are so worthy of attention or not. One thing is certain: it is always better to prevent than cure.
Editor: Surya Hidayat WicaksonoSources:, Monday, June 4, 2012 | 19:08 pm

Tidak ada komentar:

Posting Komentar