“You don’t know what you don’t know, because you can’t see what you can’t see”: Threat detection is reaching a negative inflection point

In this blog post I present a few bold (and quite disturbing) figures about the current state of affairs of malware and its detection. I assert that given the unbearably and unacceptably long time it takes to detect malware (IF at all detected), and the growing cost and complexity of its detection, it’s time to admit that current malware detection technologies have more than exhausted themselves and that it’s time for new detection paradigms to emerge.

The perplexity

Reading the threat and malware reports frequently published by security vendors and security-research labs leaves the reader perplexed. No report resembles the others in how it defines the main threats or in its quantitative analysis of the levels and dynamics of those threats.

It seems that each vendor has a “unique angle” on the threat landscape, probably based on its technological solutions and its own security knowledge-base.

There doesn’t seem to be any agreement about the scope and breadth of the threats, save for one conclusion: The threat level is rising and so is its severity.

The harsh reality: Malware's true state of affairs

Here are a few bold figures published very recently by prominent security players: