New! Read our free whitepaper about F-Secure DeepGuard, our proactive protection against new and emerging threats. Read it here.
You may know that F-Secure won the Best Protection Award – twice in a row. But if you’ve ever wondered about how we actually go about protecting our customers from malware, this post is for you. We do it by going deeper. Let me explain.
Traditional antivirus software looks at the outward characteristics of files to see if the characteristics match those of previously seen malware files. If they match, the antivirus program knows to block the file.
For this system to work, antivirus labs need to have a sample of the malware file in order to analyze its characteristics so they know exactly what they need to block.
This is a very effective method for blocking most malware seen to date, and this is how F-Secure protects you from existing malware we already know about.
Of course, it takes time for antivirus labs to receive a malware sample and analyze it so we can effectively block it. That means brand new malware created just in the past few days or weeks that we haven’t yet had a chance to analyze, can get past traditional scanning systems.
Complicating the issue, cybercriminals who create malware nowadays are very clever at avoiding detection by antivirus programs. One way they do this is by creating new, different variants of their malware. These variants are still the same malware at the core, but they appear new and different on the outside. Like a criminal who dresses in disguise to avoid being recognized, the malware file is disguised to avoid detection by antivirus software. There are automated malware creation kits that do this for the cybercriminals, making it easy to spit out thousands of new variants.
To be able to protect from brand new malware, then, and to protect from all the new variants of existing malware, it is crucial for F-Secure’s software to be able to detect a malware file even before our Labs have ever received a sample of it.
So how do we block malware strains we’ve never seen? We examine not just a file’s outward characteristics, but we also monitor its behavior for suspicious activity. Like I said, malware can change in appearance and characteristics. But one thing never changes: Malware always does malicious things. So if we’re not sure if a file is malicious or not, we watch to see how the program behaves.
We call our behavioral analysis technology DeepGuard. DeepGuard observes a program’s behavior and prevents potentially harmful actions from successfully completing. This way, we can block even brand new malware files that haven’t yet been analyzed. And we can stop malicious files that are disguised as something else.
When the user opens a file, any file, DeepGuard instantaneously checks for suspicious behavior, and if it finds something, it will block the program from launching. Since some malware hide their malicious behavior until after the program launches, DeepGuard still continues monitoring programs while they are running, watching for and blocking suspicious actions.
DeepGuard is a feature of F-Secure’s products, working in tandem with our other protection layers (browsing protection, traditional signature scanning, file reputation analysis, and prevalence rate checking) to provide the very best protection. Our newest version, DeepGuard 5 with exploit protection, has already been rolled out, so customers with the latest versions of F-Secure products are already benefiting from the latest technology.
And that’s how we protect you.
How important is it to ask the right question? Our Security Advisor Sean Sullivan thinks it's so important that it can either help or hurt your cause. Most anyone who has debated the issues of government surveillance and online tracking by corporations has likely faced someone who dismisses concerns with "I don't have anything to hide." This is apparently a very popular sentiment. 83 percent of respondents in the United Kingdom answered "No" to the question "Do you have anything to hide?" in a new F-Secure survey. "You might as well be asking people – are you a dishonest person?" Sean wrote in our latest Threat Report (like goes to PDF). "The question is emotionally charged and so of course people react to it in a defensive manner – I think it is perfectly natural that 83% of people said no." Sean suggested another question that reframes the debate: "Would you want to share everything about your life with everyone everywhere, all the time, forever?" Think about just your Google Search history. Seriously, take a look at it -- here's how you can see it (and delete it). "And my prediction was proven correct – 89% of respondents did not want to be exhibitionists," he wrote. Both questions, he notes, at the core ask, "Do you think privacy is important?" One does it in a way that's accusatory. The other in a way that's explanatory. Sean suggests that we all have things in our past we'd rather forget and asking the right question can get people to see that quite quickly. There's reason to pessimistic about privacy given that there has been substantial change in U.S. government policy since the Snowden revelations began. But even that may change soon with bipartisan revisions to the the law that began legalized mass surveillance. This imperfect attempt to limit the NSA's bulk collection is a promising start of a major shift away from methods that have done more to stifle digital freedom than to achieve the unachievable goal of creating a world without threats, if it's indeed just a start. Maybe we're starting to ask the right questions. [Image by Ashleigh Nushawg | Flickr]
Malware is an omniscient threat – it’s present even when people don’t realize it. Understanding the threat is a key component of protecting yourself and your devices, and nothing drives that point home like cold hard facts and comprehensive research. F-Secure just released its latest Threat Report, which provides important insights into contemporary digital threats. The report details the various changes and trends in the digital threat landscape using data collected during the 2nd half of 2014. The threat report is full of important information, and it’s worth checking out to get some ideas about what attackers are cooking up. Trends like social media malware, exploits, and ransomware are detailed in the report. But there’s tons of important information people should be aware of, and so we put together an infographic to give you a quick overview of the report. The report provides lots more information about the threats, incidents, and trends that were prominent in the latter half of 2014. There's also some insightful words penned by F-Secure security researchers to give you a little context about why you need to arm yourself with knowledge to defend yourself against digital threats. You can download the full threat report for free from F-Secure’s website.
In the United States, Australia and Canada, April 23 will be Take Our Sons and Daughters to Work Day. But given our changing economy and workplace, is one day enough to improve the bonds between parent and child? Originally created to give girls a chance to "shadow" their parents in the workplaces women have so often been excluded from, Take Your Kid to Work Day, as it's often called, was expanded in 2003 to include boys as a way to help all kids see "the power and possibilities associated with a balanced work and family life." It's a nice ideal, but it isn't much of a reality, at least in many industrial countries. Americans spend an average of 1,788 hours a year at work. Most parents with full-time jobs will spend almost two-thirds of their day working and sleeping, leaving little time for anything else. Hopefully your country is a little better at balancing work/home. Finnish workers, for instance, spent 1,666 hours on average at work in 2013 that's 122 hours or 3 full weeks less than their American counterparts. Don't be jealous: German workers only averaged 1,388 hours at work in 2013. Chances are wherever you live your kids already see you at work. A 2012 survey found that 60 percent of Americans are email accessible for 13.5 hours a weekday with an extra 5 hours on the weekend. Given the extraordinary demands work makes on us, perhaps you can make a demand on your work to be a bit more flexible. Given that we're nearly always accessible, why can't parents plan around their kids' schedules and get some work done? Activities like sports, dance, karate and other arts offer parents a chance to be an active observer of their kids while getting some work done on a mobile PC or device while their children are being supervised by another adult. Given that 70 percent of millennial use their own devices for work, it's likely that younger parents already do this to some degree on their phones and tablets. But they're likely not thinking about potential data leakage that can occur, especially when using public Wi-Fi built on old technology that could expose your identity and possibly even your email. But with security and a virtual personal network -- like our Freedome VPN -- you can be about as secure in the office as you're out in the world seeing how your kids work, as they get another chance to see you. Cheers, Sandra [Image by Wesley Fryer | Flickr]