Cybersecurity focusing on protecting sensitive data as threats multiply

19th September 2014 By: Schalk Burger - Creamer Media Senior Deputy Editor

Global endpoint security solutions company Kaspersky Lab has introduced new measures to prevent cybercriminals from accessing sensitive data, alongside its malware-signature and heuristic device analysis detection methods.

Threats to mobile devices have increased from a total of 5 000 malware programs detected in 2011 to more than 20 000 detected each month, with more than 14-million dubious mobile apps in total. More than 315 000 new malware samples are detected every day across all platforms and operating systems.

This prompted Kaspersky Lab to develop its multidevice security product, which enables users to install comprehensive security solutions on multiple devices, including their smart phones, tablets and computers.

The product was launched last year and covers Android, Apple and Windows operating systems, as they are the most widely used and, consequently, the most targeted operating systems worldwide.

Many threats are so new that there are no malware signatures (often called virus definitions) available through an antivirus program to protect users, despite Kaspersky Lab’s continuous live updating of its malware signature library, says Kaspersky Lab senior security researcher Ghareeb Saad.

This, as well as the more well-known zero-day vulnerability threats and infections, has led to Kaspersky Lab developing new response methods to prevent intrusion and access to sensitive data.

The Kaspersky Lab products contain strong heuristics engines that monitor suspicious file execution to detect attacks. For example, the heuristics measure when the device tries to communicate through specific applications and compare this with the user’s typical behaviour. They also identify the applications or programs trying to invoke connectivity to protected sites, and detect whether a process is trying to perform malicious behaviour, such as hiding files or injecting itself into another process.

This is a simple example of the complex heuristics being deployed to detect cybercrime, previously unknown malware and cyberfraud, and represents some of the new cybercrime prevention methods being deployed.

However, even heuristics capabilities do not detect all threats and intrusions, as much of the more complex malware is designed to avoid detection; hence Kaspersky Lab’s focus on protecting sensitive user data and files to prevent them from being extracted and used for fraud, notes Saad.

“Even on devices not used for commercial or financial purposes, cybercriminals can still get value from an Internet user’s device, including selling communications accounts, such as Skype accounts, using the machine’s processing power in other cybercrimes, such as for Bitcoin mining, or using a compromised device to attack a user’s other devices. This makes the active protection of user credentials and files crucial.”

Kaspersky Lab’s anticryptolocker system protects users from ransomware programs, which infiltrate a device, lock user files and then demand money for an unlock key, by enabling a user to restore the device and the locked files, thereby bypassing the ransomware, says Kaspersky Lab Africa MD Riaan Badenhorst.

The company’s latest multidevice security product includes improved parental control features that enable parents to protect children’s devices and browsing habits, detects the security settings of Wi-Fi hot spots to improve security, and decreases the device resources required to run the security program.

“Kaspersky Lab is also seeing increased demand for its forensic cyberintrusion investigation services and growing demand for its products and services among companies in South Africa, as the number of cyberattacks against businesses increases,” concludes Badenhorst.