Antivirus, e-mail vendors up ante in malware fight

Technology to fight spyware, remotely controlled bots, and other threats will dominate news from the RSA Conference in San Francisco this week, as antivirus and e-mail security companies offer new products and features to protect companies and Internet users from sophisticated, malicious code.

Antivirus software companies Symantec, McAfee, and Sophos all plan to announce new technology to fight viruses, spam, spyware, and other blights. Those security software mainstays will be joined by a host of other companies that are introducing new services or expanding the security features of their products to address the rapid growth in the number of online threats.

Spyware tops the list of nasties in the crosshairs of companies setting up shop at the annual computer security show, which organizers say will be the largest ever.

Symantec plans to announce new features to fight spyware in a number of enterprise antivirus and intrusion prevention products. Symantec Antivirus corporate edition Version 10 and Symantec Client Security 3.0 will be available in March and have features that can spot and remove spyware, adware and other threats, Symantec said.

While Symantec software already spots many forms of spyware, new features have improved the ability of the company's products to detect spyware and Trojan activity in real time, and to remove spyware installations once they are identified, according to Brian Foster, senior director of product management for client and host security at Symantec.

The company also improved its spyware definitions to include instructions for cleaning up after the spyware, Foster said.

Also, Symantec's Network Security 7100 Series Intrusion Prevention appliances will be able to block communications from spyware and remote control Trojan horse programs, or bots.

The new features on the 7100 series allow organizations to protect networks against spyware and Trojan horse programs by spotting and isolating communications from compromised machines networks, Symantec said.

McAfee is also announcing changes designed to combat spyware. The company will begin releasing virus definition files, or DATs, each day, starting Feb. 24. The daily virus definition updates are designed to stay on top of threats such as backdoor Trojans and compromised systems, McAfee said.

Other companies also plan to make antispyware announcements later in the week.

Spyware was a nuisance just a few years ago, but has quickly morphed into a real security risk for companies, said Charles Kolodgy, an analyst at IDC.

"Spyware used to be just 'adware,' where you had pop-up (advertisements) and cookies that would report back your surfing behavior, and the security (companies) didn't look at that. But as more malicious activity started to occur, the security (companies) started responding," he said.

It is more difficult to assess the exact cost of spyware infections than it is the cost of virus and worm infections. However, companies are beginning to see the effects of the spyware epidemic in increased customer and user support costs, as removing spyware eats up support time, said Phoebe Waterfield, an analyst at The Yankee Group.