Tips on how to best test security solutions for the newest tester on the block, the CIA.
Selecting the right security solution to protect your devices isn’t always an easy decision to make - whether you’re a consumer or a larger organization. Luckily, there are many independent testing laboratories who do their job at testing security products well, so end customers have a way to compare and select a solution that suits their needs best. It’s not often we see a new kid (tester) on the block.
Yesterday, June 22, 2017, Wikileaks published CIA documents from the agency’s Brutal Kangaroo project. These documents show that the CIA has tested antivirus solutions and they therefore could be recognized as the newest (in)dependent security tester. Sure, the documents are a bit old, but still. I’m personally looking forward to seeing the CIA join the Anti-Malware Testing and Standards Organization (AMTSO) to adopt and collaborate on existing and new testing guidelines and standards.
I’m pleased to inform you that Avast Internet Security received the CIA-graded certification in their test, which was published on WikiLeaks (look for “AIS” = Avast Internet Security). Avast was one of just few antivirus vendors who were able to spot that something suspicious was happening when the CIA tested Avast’s cyber arsenal, to see which antivirus protections they could bypass. The CIA probably prefers you use all the other antivirus solutions, because they either didn’t detect the CIA’s malware or only dumped the execution information into the log file.
But from the point of testing, I think there’s huge room for the CIA to make improvements. Here are few points and I hope the CIA will consider them for all of their future testing rounds. These suggestions are based on the best practices, AMTSO guidelines, and newly developed standards.
I think this is enough and I believe the CIA will make some steps to become better tester, at least I hope so ;).
Information belonging to over 100 Italian banks breached by the Ursnif banking trojan was obtained by Avast Threat Labs, which then shared the data with as many of the victims as could be identified.
Avast researchers obtained information that the Ursnif banking Trojan has targeted 100 Italian banks and may have thousands of victims.