A group of new and upcoming technology security companies are said to be losing access to one of the largest collection of computer viruses due to VirusTotal’s new policy, something industry experts believe will increase their exposure to hackers and hacking activities.
VirusTotal, the information sharing pioneer, is making new policy changes which are aimed at the new crop of security players in the tech industry. Some of the companies are valued at $1 billion or more but have not been contributing to the companies’ data analysis. The move comes as older companies, most of which have smaller valuations than the new companies pressed for the shift highlighting the fact that the new companies were not contributing as they should.
VirusTotal is run by Google. Security experts are able to share any of the new examples of any new malicious codes that will be on the market and any other opinions and advice on how to tackle the problem. The 12-year-old service, however, released a statement where it showed that they were going to cut off any unlimited rating access to some of the companies. The companies affected are those who do not share their own evaluations of submitted samples.
Analysts and security experts believe the move will leave some of the companies exposed, and also lead some of them to tag otherwise good software and label it as malicious. This will lessen their ability to protect their customers from real threats, in the short term.
Andreas Marx, chief executive of security software evaluation firm AV-TEST, said detection scores at some of these companies would drop. This is good for hackers because if detection rates lower, then the hackers would find it easy to penetrate people’s software. Some of the security companies rely heavily on the VirusTotal database, but for fear of not being found out they do not want to share their results.
There was no mention of the firms that are being cut off, but sources close to the matter said companies such as Cylance, Palo Alto Networks, and CrowdStrike were likely to be cut off, together with some other smaller companies.
Chief Research Officer at Cylance, Jon Miller, said the company had not suffered yet, but others had. The company decided not to share its technology. Therefore, it gave up on the ratings two weeks ago. According to Miller, most of the next generation products were not functioning at the moment but denied to say which of them. He also suggested that the cut off from VirusTotal could push some of the companies to find their own ways to catch the viruses.
Palo Alto did not respond directly to the question of whether they had been kicked off from the service but rather said they had not been relying on the VirusTotal peer determination for a long time, so there were no customer disturbances expected.
CrowdStrike struck a different note saying that they were negotiating with VirusTotal, and they had not been removed from the service on Saturday. In a statement, they said they were fully behind the mission of the company and had reached out to find out ways they could work with each other for the security community benefit.
VirusTotal gets 400,000 submissions every day of potentially dangerous files from companies such as Symantec, Intel, and TrendMicro. “It was never meant to enable new companies to use it as a shortcut by silently relying on, and benefitting from, the service without a corresponding investment,” said Trend Micro Chief Technology Officer Raimund Genes. His company is one of those who pushed for the shift.
VirusTotal said it was trying to act in the best interest of those in the security industry through a Google spokeswoman.
