Five major anti-virus and security companies this week announced a collaboration effort aimed at fighting spyware, promising to share detection, testing and methodology for the benefit of consumers.
McAfee (NYSE: MFE), Symantec, Trend Micro, ICSA Labs and Thompson Cyber Security Labs agreed to create standardized identification and testing for spyware, including common standard samples, in response to the increasing difficulty in identifying and categorizing the malicious software. The organization will be dubbed Spywaretesting.org.
“There is an enormous amount of confusion in the marketplace about the origins of spyware and the effectiveness of the tools designed to fight it,” said ICSA Labs’ content security programs manager Larry Bridwell. The agreement is a first step in “maturing the industry” to the point it can effectively fight spyware, he said.
Citing a growth rate of 50 to 100 percent in the last year, the companies called spyware among the fastest growing risks to consumers and organizations.
At the same time, few product testers currently document their test samples or methodology, and many use small sample sets for testing.
“As a result, there is no distinguishable benchmark for comparison of anti-spyware product vendors, leaving customers unclear as to the most effective products and solutions for their environments,” the companies said in their mission statement.
Sharing the Fight
The group said it would use standard metrics for third-party evaluation and a common sample standard to bring more consistency and transparency to the anti-spyware industry.
Other, longer-term objectives of the companies include threat naming conventions; intelligence-sharing best practices; and emergency information distribution guidelines.
The companies are trying to come together on some parameters for identification and disclosure of spyware data, McAfee Avert Labs Director of Operations Joe Telafici told TechNewsWorld. While the effort is initially focused on identifying and removing the spyware already on users’ machines, it will likely evolve to prevention of spyware infections down the road, he said.
Challenge of Exchange
Citing his company’s position as the anti-spyware provider with the most spyware definitions, Webroot Vice President of Threat Research Richard Stiennon told TechNewsWorld his company views the collaboration with caution.
“I don’t know if it will help the industry, but it’s probably good for the battle against spyware,” he said.
In terms of sharing information beyond spyware signatures, such as techniques to eradicate spyware, Stiennon said it may be difficult given that is what often differentiates such companies.
“It’s not like viruses,” he said. “For every piece of spyware, there could be a number of different pieces of software that would change the [anti-spyware] engine.”