beelding gebaseerd op Disk with Morris Worm source code van Intel Free Press (licentie: CC BY-SA 2.0)

Ton Siedsma

15 november 2013 18:18
Door Ton Siedsma

Cybersecurity

AV-vendors: we will act upon detecting govt malware

Last month, we – as part of an international coalition of civil rights organizations and academical experts – asked antivirus software vendors about their current position on detecting state-generated malware. Today, the deadline for reaction expired.

Up until this moment, only 30% of the vendors have replied to our questions. ESET, F-Secure, Kaspersky, Panda en Trend Micro took the effort to respond, for which we would like to thank them. The companies confirm the detection of state sponsored malware, but state they have never received a request to not detect malware. And if they were asked to do so in the future, they said they would not comply. All the aforementioned companies believe there is no such thing as harmless malware.

This means that it is only a matter of time before (new) state sponsored malware is detected by the vendors, similarly to FinFisher en R2D2. This also shows that state-sponsored malware will have a very limited effect and it should be yet another reason for governments to refrain from the use of any kind of malware.

A lot of companies have failed to respond. Why? We are curious and will contact them again. We will keep you posted!

Update:
Avast, Avira, BitDefender, Norman Shark and Microsoft also responded.

2 reacties

laat een bericht achter

axelarnbak schreef:

nog reactie ontvangen van de andere AV bedrijven?

Mark Koek schreef:

People – AV does not generally detect targeted malware attacks. It would be monumentally incompetent for a government agency to supply its malware to AV companies asking for a free pass. Firstly because they don’t need to – bypassing AV in a targeted attack is really not a big deal. And secondly because there would be a real risk of blowing their cover if they did.

Geef een reactie

Het e-mailadres wordt niet gepubliceerd.

WORD DONATEUR

Zoek in blog