The Threat Within: 3 Out Of 4 Companies Affected By Internal Information Security Incidents
Woburn, MA - November 29, 2012 - Kaspersky Internet Security 2013 was one of just four antivirus products to impress independent analysts from MRG Effitas by blocking all attempts to steal financial data in a recent test.
- MRG Effitas, an independent organization which specializes in testing IT security solutions that protect financial data, assessed 15 popular security software offerings, including Internet Security class products
- The products were expected to prevent the theft of data entered on a payment system website
- Kaspersky Internet Security 2013 successfully blocked all attempts to steal financial information
- The advanced protection for financial data provided by Kaspersky Lab’s new Safe Money technology fueled these impressive test results
Kaspersky Internet Security 2013 was one of only two security solutions that detected and blocked all the financial data theft attempts. Two other security solutions only detected the malicious activity using traditional antivirus technologies, which does not guarantee full protection in real-life situations. Most other products only passed the first, and easiest, test.
Only four products out of 17 successfully passed a separate test for dedicated solutions designed to protect financial data. Kaspersky Lab’s excellent result was made possible by the new Safe Money technology developed by Kaspersky Lab experts to provide comprehensive protection for financial data against advanced cyberthreats.
How The Tests Were Performed
MRG Effitas sought to test the ability of popular security solutions to see how effective they were in protecting against malware designed to steal financial data. For testing purposes, experts created three programs that emulated the behavior of widespread threats such as Zeus and SpyEye. The platform used for testing was the 64-bit version of Windows 7 Ultimate with Service Pack 1 installed.
In each of the three tests, MRG Effitas experts emulated an attempt to steal user data entered on a website supporting SSL – a protected data transfer protocol used by most banks and by many popular online services.
In the first scenario, experts downloaded malware from a special website using Internet Explorer. Next, they executed the downloaded emulator, opened the payment system website in a browser and entered personal data using a hardware or virtual keyboard. The latter was used if it was available in the security solution being tested. Emulators for the second and third testing scenarios were created by MRG Effitas engineers specifically for the new study. The developers intended these emulators to easily circumvent standard antivirus protection. These malicious programs were loaded into the system from a USB drive. They gathered all the stolen information on the computer’s hard drive, waiting for the cybercriminals’ request.
For purposes of these tests, a positive result was defined as the security solution’s ability to prevent the interception of financial data, even if the malicious object was present on the hard drive in stealth mode. However, if a security solution prevented an emulator from being loaded on the computer or blocked the emulator’s operation, the experts also counted this as a success. Those security solutions which were unable to prevent the theft or clearly alert the user to the danger were deemed to have failed the test.
Nikita Shvetsov, Vice-President Threat Research Unit
“Every day, more and more people across the globe use electronic payment systems and tools providing remote access to their bank accounts. These people want to know they are protected from financial cyberthreats, and they are counting on antivirus software for that. The results of independent testing conducted by MRG Effitas clearly show that our solution, Kaspersky Internet Security 2013, which includes the new Safe Money technology, meets users’ needs and provides reliable protection of financial data.”
- Whitepaper Safe Money technology
- More information about financial malware and other cyberthreats
- Comparative testing news on the Kaspersky Lab global website
About Kaspersky Lab
Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its 15-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for consumers, SMBs and enterprises. The company currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at www.kaspersky.com.
* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2011. The rating was published in the IDC report "Worldwide Endpoint Security 2012–2016 Forecast and 2011 Vendor Shares (IDC #235930, July 2012). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2011.
Articles related to Press Releases
The End of the World for APTs As We Know Them in 2016
Securing Smart Cities Issues Guidelines for Smart City Technology Adoption