The Hindu Business Line : `Testing times' spell good news

According to Trend Micro, 2005 could be referred to as the `Year of Grayware,' with 65 per cent of the top 15 threats responsible for nearly 11 million unique reports.

This includes some sort of spyware, adware, backdoor, rootkit, or bot functionality.

Some other statistics to note, regarding the total threat landscape of 2005: 10 per cent were BOTs, 11 per cent spyware trojans, 18 per cent Adware, 0.60 per cent Rootkits, 0.60 per cent Office macros, 3 per cent were Scripts, 25 per cent viruses or worms and 27 per cent were Trojan horses (including rootkits).

In 2005, the majority of threats were inspired by financial gains.

Given the current threatscape, "we expect a continuation of many already established tendencies of the past year," says Niraj Kaushik, Country Manager, Trend Micro, India and SAARC. To keep the Internet safe from such attacks, Trend Micro, ICSA Labs, and Thompson Cyber Security Labs, among others, have announced an agreement to create identification and testing methodologies for spyware mitigation technologies.

As a result of this collaboration, companies and individual computer users will be better informed about anti-spyware purchasing decisions.

Product tests will be based on standardised third-party evaluation criteria, with common standard samples used in detection and testing environments.

This collaboration will eliminate confusion and empower customers to purchase solutions that meet their individual needs, say these companies.

Joe Hartmann, director, security intelligence research group, Trend Micro, says "spyware is a very different breed to the virus but, through many years of experience fighting the virus threat, we have learned significant lessons, many of which can be put into play fighting the escalating spyware threat."

say no to confusion

When publishing results and product recommendations, few product testers currently document their test samples or methodology. Also, many use very small sample sets in their testing environments.

As a result, there is no distinguishable benchmark for comparison of anti-spyware product vendors. This leaves customers unclear as to the most effective products and solutions for their environments.

"There is an enormous amount of confusion in the marketplace about the origins of spyware and the effectiveness of the tools designed to fight it," says Larry Bridwell of ICSA Labs, an independent division of Cybertrust.

"This agreement is an important first step in maturing the industry to the point where it can effectively combat the proliferation of spyware on behalf of customers, providing a safer and more efficient online environment for everyone."

By employing standard metrics for third-party evaluation, and a common sample standard, those difficult-to-measure characteristics can be made consistent across the industry. This, in turn, will enable customers to make transparent solution comparisons.

The group will use the definitions created by the Anti-Spyware Coalition (ASC) and work closely with the ASC in its effort to develop guidelines for research tools.

Thompson Cyber Security Labs says, "It's a great idea, and absolutely needed. Without some testing standards, marketers can make whatever claims they like, and can find a tester to help them prove it. As the situation currently is, the public is the big loser. This will set the stage for determining which products really do work, and which ones don't. It eventually will make all products stronger, and the world safer."

According to Umesh Deshpande, Country Sales Manager, Enterprise Security, Symantec, it is advisable to shut down any service that is not being used and use bluetooth only at the time of receiving or transferring files.

And go in for an integrated security solution that has a combination of antivirus, firewall and IDS.

savitharin@gmail.com