3 min read

Social networking is IT security’s ground zero: Kaspersky

The security software vendor has launched its 2011 consumer offerings, promising cloud-enabled protection and enhanced parental controls

With its launch this week of its 2011 consumer offerings – Kaspersky Internet Security 2011 and Kaspersky Anti-Virus 2011 – security vendor Kaspersky Lab aims to take the battle to what it calls IT security’s ground zero: social networking.

Peter Beardmore, director of product marketing in Kaspersky’s consumer business division, said they’re still seeing staggering growth in malware samples, with 30,000 new threats and 3500 new signatures being identified daily, and 30 million spam messages being sent every day.

However, while malware dominates the threat landscape in shear mass, Beardmore said in terms of effectiveness and risk the real security ground zero is in social networking. According to Kaspersky’s research, a social networking attack is 10-times more likely to succeed than a traditional spam attack.

“We’ve seen substantial growth in the number of users on social networks in the last 24 to 36 months, and particularly in categories that are increasingly vulnerable, such as older users who aren’t necessarily as tech savvy or tuned-into the numerous scams in the social networking world,” said Beardmore. “The whole implied trust relationship is just different in social networking than the traditional spam/malware model.”

Another continuing threat Kaspersky sees is legitimate Web sites being infected by links to malware, either through drive-by downloads, SQL injection, or malware in ad networks.

“The average person looking at a North American media outlet may be unaware they’re also getting small downloads from China, Russia or Brazil, and it also creates jurisdictional problems that make these attackers difficult to prosecute,” said Beardmore.

Kaspersky aims to handle the attacks on the IT security level though, not the criminal level, and its new 2011 consumer lines contain several new features designed to counter emerging threats. One that can tackle Web sites infected with international malware is Geofilter, which can filter content based on geographic origin. A user can choose to block traffic from a malware-rich country such as Russia, so malware exploits with Russian origins will be blocked when visiting North American sites. Beardmore said that’s a tool with more appeal to advanced users, but other new features also include SafeSurf, which provides reputation services for all URLs and domains and applies a level of security based on their history of malware.

One new feature in the 2011 offerings that users will probably interact with a lot is the Kaspersky desktop “gadget” for Windows 7/Windows Vista.

“It’s a simple idea, with a green status to let users know they’re protected, and yellow or red if there are issues to be addressed,” said Beardmore. “They can also drag and drop a file over the gadget to automatically scan it, using local and cloud-based threat analysis.”

Beardmore said Kaspersky’s innovations for 2011 focus on four key areas: real-time protection, emerging threat protection, identity protection and family protection.

Time to protection for Kaspersky has historically been about two hours for emerging-threat protection, from identifying a threat to writing a fix and adding it to the signature database. That process will continue, but Beardmore said with cloud-based systems Kaspersky is now adding real-time protection, which will see a threat identified and blocked in about 40 seconds from discovery. He explained the threat will essentially be blocked on Web-connected machines running Kaspersky immediately, while the permanent fix is being written.

Other new features include SystemWatcher, which can undo and repair changes made by malware and analyze log data. SafeDesktop builds on SafeBrowser to provide users a protected desktop environment, but currently only on 32-bit Windows installs. And enhanced parental controls allow parents to monitor their children’s usage around social networking and particularly instant messaging, block contacts, filter the type of information they can share such as names, credit card numbers and addresses, and allows them to restrict access to gains and limit time spent on the machine.

When it comes to social-networking threats, Bearmore said Kaspersky addresses the challenge with a multi-layer protection approach. Many attacks, for example, are coming through shortened URLs clicked by the user in third-party Twitter readers such as Tweetdeck. You don’t want to restrict the application, but Beardmore said since the underlying behaviour is to open a malicious link in a Web browser, Kaspersky’s browser protection helps guard against that, as does the security controls that go down to the TCP/IP level.

When it comes to other attacks that occur within the browser and the Web site itself, such as social engineering or Facebook attacks, that’s where inline URL filtering and blocking malicious sites helps. And, of course, so does education and common sense.

Nancy Stefansson, senior director of North American retail sales, Kaspersky Lab Americas, said just four years after entering the retail market, NPD sales data puts Kaslersky as the number two-selling security software in Canada.

“We’ve forged strong relationships with Staples Canada, Best Buy Canada, and we are the official “go-to solution” for the tech bench at Future Shop,” said Stefansson. “Working hand-in-hand with our retail partners to address their inventory and sales-training needs has been vital, and we’re looking forward to more success and even broader distribution in 2011.”

Kaspersky’s 2011 consumer offerings are available now online, and should hit the retail channel by early-to-mid September.

Follow Jeff Jedras on Twitter: @JeffJedrasCDN.