New alliance aims to unite malware fight
A new alliance has been created to formalize information sharing on security protection and develop industry standards.
The Industry Connections Security Group (ICSG) is parked under the IEEE Standards Association and includes mostly security heavyweights and antivirus players. The founding members are AVG Technologies, McAfee, Microsoft, Sophos, Symantec, and Trend Micro.
Announcing the group in a blog post on Monday, Mark Harris, vice president of SophosLabs, said security researchers have had a tradition of sharing virus samples but that the sharing arrangements "are still based on individual relationships rather than formal agreements."
The formation of the group makes for a "more organized" security industry, he added, in the current landscape where attacks are increasingly structured and malware samples grow at "astonishing rates."
The ICSG currently has a malware working group, but intends to add other working groups over time.
According to a July 20 presentation document (PDF), the group aims to improve the efficiency of the collection and processing of the millions of malware file samples handled by security vendors each month by focusing on an XML-based metadata sharing standard. The standard is expected to undergo ratification by the end of this month.
Graham Titterington, principal analyst at Ovum, said the announcement of the group was both interesting and confusing. The rationale for the new alliance was the need for a more comprehensive approach to countering malware writers, he said, but the focus of the group appears to be limited.
The group addresses "all aspects of malware and its membership includes most of the main antimalware vendors--Kaspersky being the most notable absentee--and so the ICSG represents progress on countering the so-called 'blended threats,'" he told ZDNet Asia in an e-mail. "However, it does not seem to be taking the battle to the criminals or probing the criminals' business networks. The focus is on setting up the infrastructure and protocols to allow rapid information sharing on threats and making the day-to-day operation of the members more efficient."
Titterington added: "I would have expected a body affiliated with the IEEE to be putting more emphasis on the development of improved methods for disrupting criminal activity and on new ways of protecting users."
Vivian Yeo of ZDNet Asia reported from London.






for once, I agree with you
Your English is so poor that even a college-level literate, such as myself, can hardly follow you. It looks like you're insinuating that Microsoft, Symantec, McAfee, Grisoft, and Trend Micro are themselves malware authors. That is ludicrous! Just so you know, there are lots of corporations and agencies whose servers can trace malware variants back to their origins by monitoring the spikes in Internet activity. Most malware comes from Russian gangs, such as the RBN who created the Storm worm and other prominent parasites.
There are "rogue" companies out there, and virtually all of them are known shortly after their debut. But the big names you just spat out are not; these are giants with legitimate products and, consequently, reputations to protect. Three things you need to consider before making such a statement are these:
1) Writing malware doesn't guarantee the success of your company; if McAfee writes malware, and more users install Symantec security products to protect their systems, then what does McAfee gain from it?
2) The big names you mentioned make plenty of money legitimately, and have everything to lose. If they were to get caught writing malware, it would be curtains for a very lucrative business.
3) All it takes is one honest worker in a huge company to rat them out.
Sorry to bust your bubble, but not everything your friends and family members tell you about software companies is true. It would be a good idea for you to do some research before repeating it over the Internet and looking really silly. Also, if English is a second language for you, I'd suggest you draft posts in your native language first, and then go to Google Language Tools to have it translated to English: http://www.google.com/language_tools?hl=en This way, someone might actually be able to read your posts!
- by morlamweb2 August 19, 2009 11:39 AM PDT
- 'Titterington added: "I would have expected a body affiliated with the IEEE to be putting more emphasis on the development of improved methods for disrupting criminal activity and on new ways of protecting users." '
What Titterington's talking about sounds more like police work than engineering. Since when did the IEEE become a law enforcement agency?