Criminal intruders and hackers are continuously inventing new technologies to penetrate personal computers and servers. The latest development is the use of advanced stealth techniques called rootkits. Rootkits can place e.g. Trojans and keyloggers invisibly on the computer to monitor and steal data from them. The malicious code is hidden so well that neither the operating system nor any of the existing conventional security products (e.g. antivirus, antispyware or Intrusion Detection System (IDS) solutions) can detect them.
F-Secure further strengthens its solutions for Host based Intrusion Prevention (HIPS) by introducing the first version of the F-Secure BlackLighttm Rootkit Elimination Technology
This invisible form of malicious code is believed to become a growing problem in the future. At the recent RSA security conference in San Francisco, Microsoft Corporation and security industry experts expressed their concerns about the rising problem related to rootkits. (ComputerWorld Article on Feb 17th, 2005; Microsoft on 'rootkits': Be afraid, be very afraid). For example the Windows XP operating system is unable to show files or processes deployed by many rootkit programs. This leaves the user or administrator unaware of their presence. These types of stealth spyware programs are believed to be involved in some well-known industry espionage cases.
"Powerful Windows rootkits have the potential of becoming a major problem in the future," says Mikko Hyppönen, Chief Research Officer at F-Secure. "Rootkit programs gain access to everything on the system and can silently do whatever they want on the computer. These attack programs penetrate personal computers and servers via viruses or vulnerabilities. After the rootkit has placed its payload, conventional security products - including anti-virus and spyware programs - will not be able to detect or remove them," says Hyppönen.
F-Secure has been developing new techniques for detecting and eliminating rootkits. As a result, F-Secure is now ready to release the first Beta version of the F-Secure BlackLight™ Rootkit Elimination Technology. F-Secure BlackLight™ can detect and eliminate files, directories and processes that are hidden from the operating system and undetected by current security products. "Since existing antivirus and antispyware products are not able to detect and stop the next wave of stealth viruses and spyware, we are confident that administrators and IT specialists will appreciate this new level of security," says Pirkka Palomäki, Vice President, R&D at F-Secure. "We are very exited about the BlackLight™ technology and its capabilities."
F-Secure will announce products and solutions that use the BlackLight™ Technology this year. This will further strengthen the companys existing host security offering which includes centrally managed anti-virus, firewall, intrusion detection and anti-spyware solutions.
Source: F-Secures press release of March 7, 2005
Begin
Back