Hackers Stay 90+ Days Ahead of Security Vendors

I had the pleasure of speaking to Rick Dakin, President and CEO of Coalfire Systems, Inc., the other day for a story about PCI (Payment Card Industry) audits and compliance. That story will be in my Network World Small Business Technology column in another week or so.

What really scared me were his comments about how far hackers are ahead of all the major security vendors. It took me a minute to realize what he was saying, but when I did, it ruined my day.

Rick said they have found that if they have a drive full of suspected malware but can’t really find anything, they sometimes put it on the shelf for three or four months. When they try it 90 or more days later, the same security tools that found nothing earlier then find all manner of viruses, spyware, keyloggers, Trojans and other malware.

The difference? It takes the security tools companies three or more months to discover the new malware, adjust their signatures and other malware-identification tools, and update their products in the field. What happens to users for those 90+ days? We go on about our business, thinking we’re fine, when we’re actually infected six ways from Sunday.

Don’t you feel better now? Neither do I. As we feel smug about keeping our anti-malware tools current, the hackers feel smug knowing they have three or four months of invisibility as they plunder our systems. This means our systems are never really clean, just less infected.

