Symantec responds to NYT hacking incident
Our report last week talked about how Chinese hackers allegedly broke into the New York Times and made off with the passwords of every employee. The same report also cited how the use of Symantec anti-virus products apparently only identified the attackers' software as malicious in one instance, even though 45 different pieces of malware code were installed over a period of three months.
Reacting to the report, Symantec emailed us a statement noting how anti-virus software alone is unable to fully prevent against online threats. The security vendor urged businesses use of a combination of tactics to identify attacks and threats.
"The advanced capabilities in our endpoint offerings, including our unique reputation-based technology and behavior-based blocking, specifically target sophisticated attacks. Turning on only the signature-based anti-virus components of endpoint solutions alone are not enough in a world that is changing daily from attacks and threats."
In my editorial, It's time to overhaul our anti-malware defenses, I highlighted how a good hacker can be expected to test their latest creations against the latest security software--rendering signature-based anti-malware defenses completely outclassed. Symantec appears to agree on that point at least, noting that they "encourage customers to be very aggressive in deploying solutions that offer a combined approach to security. Anti-virus software alone is not enough."
Still, there is a feeling that more could be done on this front. Instead of marketing their anti-malware software as being adequate, even while attempting to sell more software solutions under the guise of a "combined approach," perhaps security vendors should re-engineer their products to combat the clear and present dangers of custom malware.
- check out this article at The Inquirer