F-Secure Anti-Virus Research Team

F-Secure Corporation's virus protection capability is built around the Anti-Virus Research Team. This group of people is in charge of all the virus samples sent to F-Secure.

The Anti-Virus Research Team analyzes new viruses and creates their detection and removal capability. Suspicious samples are disassembled, debugged and test-driven. For these operations the team operates a high-security research laboratory, which is physically isolated from the rest of the company. Access to the lab area is strictly reserved for the team members only. The laboratory is packed with various types of computers so that various types of network configurations can be built for test purposes. The systems can be safely and automatically restored to a clean state, as they regularly get infected during routine research work.

F-Secure receives many virus sample submissions from customers; it is not uncommon to receive more than 50 samples on a busy day. Most samples are sent by e-mail to samples@f-secure.com. Not all of the samples submitted actually contain viruses; suspicious but harmless files, corrupted executables and various types of false alarms are received as well - and so are hoax virus alerts, which are chain letters warning people about non-existing viruses.

Virus samples are also sent from other antivirus companies. F-Secure's researchers have actively cooperated with other companies in the antivirus industry since the early 1990s. Today, samples of new viruses are exchanged routinely between the main antivirus companies worldwide. This way each antivirus company has access to new virus samples on a timely basis.

F-Secure's researchers also focus on new types of attacks as well as new viral platforms. For example, dedicated F-Secure researchers have been investigating the possibility of mobile phone or PDA viruses since 1999.

Who are the virus researchers?

The research team employs experts from five different countries. Since antivirus research is not formally taught anywhere, most experts are self-educated and have worked with low-level computing for ages. According to the strict ethical rules in force at F-Secure, persons who have a history of writing viruses or have been associated with virus writers will not be hired by the company for any position.

F-Secure researchers work in shifts to maintain quick on-call reaction capability. At any given time, at least three experts are able to start working immediately should the need arise. The research team has always shown that it can react very fast indeed: it took 3 hours and 15 minutes to stop the Melissa virus in 1999, only 1 hour 40 minutes to stop LoveLetter in 2000, and a little less than 2 hours to stop Nimda in 2001. According to Messagelabs UK, F-Secure was at least 30 minutes ahead of any competitor in stopping, for instance, the Goner virus.

In 1992, F-Secure updated its virus definition databases about 6 times a year. Today, ten years later, the update rate is twice a day, and updates can be put out in real time whenever needed.

F-Secure researchers also contribute to books and journals in the field, such as Virus Bulletin (VB), Computers & Security, Association of Anti-Virus Asian Researchers (AVAR), and Secure Computing. Speaking engagements at conferences and seminars are an important part of the researchers' job. F-Secure researchers have given presentations at the AVAR conferences in 2000 and 2001. This year, VB2002 featured three F-Secure research staff members: Sami Rautiainen, Gergely Erdelyi and Katrin Tocheva. F-Secure also has two members on the staff of CARO, the Computer Anti-virus Researchers' Organization.

Marita Näsman-Repo, Communications officer
Mikko Hyppönen, Manager of Anti-Virus Research