Thursday, October 30, 2008

Symantec adds Messagelabs to Christmas shopping basket

Symantec to acquire MessageLabs, bolster SaaS
by David M Williams Thursday, 09 October 2008

Symantec Corporation, producer of the popular Symantec Anti-Virus corporate suite and of the less-than-popular Norton consumer product, has today announced its intention to acquire global e-mail-filtering company MessageLabs. The move signals Symantec's growth as a provider of SaaS. Symantec has been on the acquisition trail for several years with other notable purchases being Veritas - of backup fame - and Altiris - known for their enterprise network management and help-desk suite.
MessageLabs differs from the products Symantec is best known for due to its Software as a Service (SaaS) model. That is, MessageLabs requires no infrastructure or maintenance within your network save to redirect your incoming mail to hit their servers, not your own.
The MessageLabs machinery scrubs and cleans your inbound e-mail stream, delivering a spam- and virus-free feed to your corporate mail server.
MessageLabs report their customers include major financial institutions and legal firms as well as governments.
Additional MessageLabs services include a web proxy element and e-mail archiving.
In one sense MessageLabs was a competitor to Symantec's existing mail security product. Yet, the acquisition appears little to do with shutting down a competitor and more about bolstering Symantec's overall presence in the growing cloud space.
The CEO of MessageLabs, Adrian Chamberlain, said the interest by Symantec proved MessageLab's SaaS model worked and that the company was a leader in its field.
Chamberlain stated at the close of the acquisition Symantec would launch a new SaaS arm which combined MessageLabs and the existing Symantec solutions for online storage, online backup and remote access. This new arm will be lead by the MessageLabs management team thus giving their division a stronger product from day one.
The purchase price will be $USD 695 million but at this time the expected completion date has not been advised, no doubt with due diligence still in progress.

Messagelabs Link

Symantec is expanding is's business but downsizing its workforce.

Seeing Tough Times Ahead, Symantec Plans Layoffs
Robert McMillan, IDG News ServiceThursday, October 30, 2008 6:10 PM PDT

Anticipating a slowdown in IT spending, Symantec expects to begin laying off employees next month.
Symantec isn't saying exactly how many jobs it will cut, but on Wednesday Chief Financial Officer James Beer said that the company is looking to trim about 4.5 percent of the cost of its workforce. Separately, Symantec is also outsourcing some of the work done by its IT and finance departments, he said during a conference call with financial analysts.
Symantec has not yet determined how many cuts it will make to its workforce of 17,800 employees, but the layoffs will affect staff in all regions, said Cris Paden, a company spokesman. "We'll be notifying employees next month," he said.
On Nov. 1, Hewlett-Packard's EDS division will start taking over some of the company's IT operations, and IT and finance employees will be moved off the company payroll over the next 12 months, Paden said. Those reductions have been planned for months, and are separate from the cuts announced Wednesday.
Symantec's stock [SYMC] dropped nearly 18 percent Thursday on the company's sober economic outlook and its reduced earnings expectations.
Starting in the last weeks of September, Symantec saw some "hesitation from some of our customers when it came to finalizing commitments," Beer said in an interview.
"We did see some pulling back," he added. "It was an effect that we saw in different parts of our customer base around the world."

Tuesday, October 21, 2008

Human error and hardware theft are the two main causes of data breaches

Data breaches caused by human error, hardware theft

By Kathryn Small
21 October 2008 05:00PM
Human error and hardware theft are the two main causes of data breaches, according to Symantec’s recent survey into Data Loss Prevention.
The global security, storage and systems management company surveyed 156 Australian companies with 100 or more employees. Results were sent in from IT managers and C-level executives. The majority of respondents represented businesses with a financial turnover of $10-$500 million.

The survey’s headline result is that 79 per cent of respondents have experienced some form of data breach, and 40 per cent have experienced anywhere from six to 20 known data breaches in the past five years.

Further, 59 per cent of respondents suspect that they have experienced undetected data breaches, with many considering it “impossible” to catch every attempted breach.

Respondents lost different kinds of data, including customer records (55 per cent); employee records (48 per cent); intellectual property (43 per cent); commercially sensitive information (35 per cent); bank and credit card details (21 per cent) and financial information (20 per cent).

Lost or stolen laptops were the top cause of data breaches, at 45 per cent. “Respondents estimated that the average cost of a data breach was the same as replacing a lost laptop,” said Steve Martin, Mid Market Manager Pacific. “But I believe that’s too low, since it doesn’t take into account the potential value of the data.”

Lost mobile phones or portable devices also weighed in at 30 per cent. “A phone is the easiest thing to lose, and the easiest thing to steal,” said Martin. “Whenever I ask groups if they have email access on their phones, and whether their phone is password protected, the second number is always very low.”

The other key cause of data breaches was accidental human error (42 per cent). Craig Scroggie, VP and MD Pacific, cited the case of a restaurant which accidentally emailed 3,500 customers a copy of their client database, containing names, addresses and dates of birth.

Malicious attacks included hacked systems (29 per cent), malicious insiders (28 per cent), paper records being smuggled out of an organisation (26 per cent) and malicious code infiltrating systems (24 per cent).

“Today’s organisations have no walls and information can be anywhere, so securing the perimeter is no longer adequate. Additionally, many organisations believe that confidential information is most at risk from malicious acts when employees are mobile and not connected to the corporate network,” said Scroggie.

Among intentional security breaches of company secrets or intellectual property, 77 per cent said that data was copied to removable storage devices, and 51 per cent said that printed paper records were removed from the premises.

Other methods of moving stolen data included email or instant messaging (41 per cent), posting to public websites (26 per cent) and copying or photographing confidential data onto mobile phones or PDAs (21 per cent).

Scroggie emphasised that Data Loss Prevention required a holistic approach to protect customers, brands and intellectual property.

“We can stop these problems today,” said Scroggie. “We have the ability to discover, monitor and protect confidential data.”

Tuesday, October 7, 2008

PC Tools to be poor man's Norton

Liam Tung, ZDNet.com.au
28 August 2008 04:16 PM

Computer security giant Symantec said it would not integrate the software of recent acquisition PC Tools into its mainstream Norton suite, instead using the products as its low-cost option for countries such as India and China.
"The goal right now is to look at emerging markets. We'd like to see PC Tools take emerging markets — countries like Brazil, Russia, India, China," said Symantec's VP of consumer engineering, Rowan Trollope.
"They have been very successful at selling to a very specific segment of the market place that is more interested in lower price solutions."
The Australian security vendor is reported to have cost Symantec AU$300 million, and according to Trollope, gives it an avenue to target these countries without needing to drop its prices for Norton.
Asia Pacific is Symantec's fastest growing region, however, it generates the least revenue of its global operations, netting the company US$231 million, or about 14 per cent, of its total revenues for Symantec's first quarter 2009 earnings.
"I think price is an important component of the offering you bring to an emerging market. Some require lower prices, some accept higher prices, but with India and China in particular, you have to go in with lower prices," the executive told ZDNet.com.au.
While Norton Antivirus 2008 costs AU$59.00, and its Internet Security suite costs AU$99.00, PC Tools' equivalents respectively cost AU$49.95 and AU$79.95.
At the time of the acquisition, technology analysts at Gartner and Intelligent Business Research Services struggled to explain why Symantec would buy PC Tools, which had similar products to its own and added just 200 staff to Symantec's ranks of 17,000.
Trollope said that PC Tools did offer it some new technologies. Registry Mechanic, PC Tools Utility Suite, Threat Fire, and Browser Defender are considered "complementary" to Symantec's products.
While Symantec planned to run PC Tools as a "completely independent company", he said some products would be assessed for overlaps with Symantec's existing products.
"[PC Tools] have Spyware Doctor and they've got some other products that are similar to our products where we will be certainly interested in looking at how do they overlap and who provides which service," he said.
Trollope declined to confirm whether it had paid AU$300 million for PC Tools.


----------------------------------

Symantec have acquired PC Tools because of Threatfire engine (formerly Cyberhawk, Zero-day behavior based anti-malware) and ThreatExpert (PC Tools's sandbox automation tool for threat analysis).

Furthermore, because AV market is increasingly becoming competitive and narrower, it’s very important to acquired competitors to stay competitive in the market place.
Both Symantec, McAfee and Trend Micro have been acquiring third party anti-malware and security product vendors in order to acquire newly developed technology or destroy possible competitors, it’s usual Art of War strategy in ever competitive business world.

Monday, October 6, 2008

Single Trojan accounts for 60 per cent of September attacks

By Lain Thomson 1 October 2008

A single family of Trojans has accounted for over 60 per cent of malware infections in September, according to Fortinet. The RogueSecurity Trojan and its variants accounted for 61.5 per cent of all malware attacks in September the company claims. The Trojan and its varients took the top four positions of the company’s malware list.“Not since the start of this year when the notorious Storm virus made a continuous run of devastating attacks has any comparison been seen with this level of activity,” said the company.“However where the Rogue security applications excel is the accumulated volume: maintaining these extreme levels of activity for at least six days, not to mention the other variants. “The bulk of malware activity occurred in the second and third week of the month, with the W32/Inject.GZW!tr.bdr Trojan peaking at nearly two million in the middle of the month.

Virustotal report from two samples:

Sample 1 Sample 2

This is usual Fakealert trojan that have capability to inject it's own dll process to any executable (PE) files that alerts users being danger of "new bogus" infection or actually telling user that their PC is compromised and buy their Anti-virus or Anti-Spy product.

Global Virus Map