Last month AV-Comparatives, the independent virus check company issued their latest report of the state of virus checkers as of February 2009 which compares how well antivirus software is performing.

Their tests examine :

• virus detection statistics of malware released in April 2006-April 2008 (Set A)
• virus detection statistics of over 1.2 million of malware released in the last nine months (Set B) as shown in Figure 1
• who had the least false positives
• the files that the different antivirus software are reporting as malware but isn’t
• the scanning speeds

Figure 1 – Viruses detected by the major anti-virus software - AV-Comparitives March 2009 Report

The figures make for troubling reading.  According to these figures if your organisation only has one type of anti-virus software, then your organisation may be infected. Lets look at why.

1. In Figure 1 the top performer was GDATA which managed to detect 99.8% of the malware released in the last nine months.

2. This amounts to 0.2% of undetected viruses by the top performer.

3. The detection sample was over 1.2 million.

4. 0.2% of 1.2 million is equivalent to 2400 pieces of malware that may have got through your defences.

5. The amount of malware that will have got through your defences increases further if you had any other single anti-virus product.

Call to Action
It is absolutely essential that your organisation train your employees properly on the risks associated with the internet and downloads from websites, emails and social networks whether they be from unknown people to friends.

After-Note
GDATA didn’t come up top in the AV-Comparative awards as it also caused the most false positives. The problem with false positives is that it can mean

• application problems for your company if files are quarantined wasted time in investigations
• users not taking the virus checker seriously

The latest AV Comparative reports can be accessed here.

AV-Comparatives are also interested in analysing any files you suspected are infected and these can be uploaded here.

Companies can no longer feel safe just because they have a multi-layered virus defence strategy. as this article has shown, cybercriminals have become very cunning in the methods that they are using to bypass corporate scanners and there is a desperate need to change our security model.