|
|
|
ONLINE FEATURES
Book Reviews
BW Video
Columnists
Interactive Gallery
Newsletters
Past Covers
Philanthropy
Podcasts
Special Reports
BLOGS
Auto Beat
Bangalore Tigers
Blogspotting
Brand New Day
Byte of the Apple
Economics Unbound
Eye on Asia
Fine On Media
Green Biz
Hot Property
Investing Insights
Management IQ
NEXT: Innovation
NussbaumOnDesign
Tech Beat
Working Parents
TECHNOLOGY
J.D. Power Ratings
Product Reviews
Tech Stats
Wildstrom: Tech Maven
AUTOS
Home Page
Auto Reviews
Classic Cars
Car Care & Safety
Hybrids
INNOVATION
& DESIGN Home Page Architecture Brand Equity Auto Design Game Room SMALLBIZ Smart Answers Success Stories Today's Tip INVESTING Investing: Europe Annual Reports BW 50 S&P Picks & Pans Stock Screeners Free S&P Stock Report SCOREBOARDS Hot Growth 100 Mutual Funds Info Tech 100 S&P 500 B-SCHOOLS Undergrad Programs MBA Blogs MBA Profiles MBA Rankings Who's Hiring Grads |  |
DECEMBER 12, 2005
Norton Gets A Bit Less Secure Hacker attacks on its antivirus software could hurt Symantec's premium brand What's the newest security threat lurking on your PC? It's not the spam sitting in your inbox luring you to fake Web sites. Or the keystroke-logging malware recording your passwords. It's holes in the software designed to protect you from all that. It's true: Hackers, bored with attacking Microsoft (MSFT ), are going after Symantec Corp. (SYMC ), whose Norton products are the first line of defense on 50 million PCs worldwide. Says Ralph R. Echemendia, an info-tech security instructor at Vigilar's Intense School, a Ft. Lauderdale security training institute: "They've become a new target." That's bad news for a company trying to differentiate itself from rivals -- including Microsoft Corp., which rolled out two security products on Nov. 29 -- by positioning itself as a premium brand that charges top dollar. "The danger is you turn off consumers," says Andrew Jaquith of market researcher Yankee Group. How big is the threat to Symantec and its customers? Already, hackers are bypassing or disabling Symantec software in their efforts to access personal information or spread viruses and worms. And there's mounting evidence that hackers are trying to use Symantec software as an actual gateway into corporate servers and PCs. A Nov. 22 report by the SANS Institute, a computer-security watchdog, showed a tenfold increase in attempts to exploit a flaw in a Symantec data-protection program after it was disclosed in May. Symantec's ubiquity -- a 64% share of the consumer antivirus market -- has made it a prime target. By contrast, rival McAfee Inc., with just 15.7% of the market, according to IDC Research Inc., is experiencing fewer attacks. At the same time, hackers are becoming increasingly sophisticated. Exhibit A: Golden Hacker Defender Forever, Web-based software that promises to cloak any malicious code so that it won't be found by leading antivirus packages. For an extra $125, hackers can even buy "antivirus support," regular updates to the cloaking code designed to stay one step ahead of similar hacker-fighting updates put out by Symantec and others. Symantec contends it has the wherewithal to take on the hackers. The company has more than 100 researchers combing cyberspace to figure out where hackers are going next and how to protect its customers. "The issue is, when a vulnerability [is found], how quickly do you respond?" says Symantec Chairman and CEO John W. Thompson. "If by some quirk of fate we discover a problem, like firefighters we move quickly to address it." Symantec sends out patches within 28 hours of a vulnerability being exposed, which compares favorably with an average of 51 days for most software firms. A MATTER OF HOURS But in a world of industrial-scale hacking, that might not be fast enough. According to AV-Test.org, a German virus tracker, Symantec's average response time for the 12 major virus outbreaks during the first half of 2005 was 10 hours, 48 minutes. McAfee scored slightly better with 9 hours, 29 minutes. F-Secure Corp., a Finnish security firm, took 2 hours, 37 minutes. "[A few hours] make a world of difference," says F-Secure President and Chief Executive Risto Siilasmaa. "Viruses infect PCs exponentially." The threat arrives at a time when Symantec is under unprecedented pressure. While the company continues to sell most of its consumer products through computer stores, late last year McAfee and other rivals began distributing their software through Internet service providers, which give it to subscribers for free. Microsoft's entry into the market is sure to up the price pressure. In an attempt to diversify beyond the increasingly competitive security business, Symantec a year ago bought storage-software maker Veritas. But many investors viewed the $10 billion acquisition as an awkward fit. That perception, and the company's warning on Nov. 1 that revenues in fiscal '06 would be lower than expected, have battered the stock, which, at about $18, is 47% off its 52-week high. CEO Thompson vows not to be drawn into a price war. Let McAfee target customers lacking even the most basic antivirus software, he says. Symantec is focusing on a more sophisticated suite of security products with fatter margins. But customers will only keep paying up if Symantec is seen as the premier brand. If hackers continue their onslaught, security vulnerabilities could be the least of Thompson's problems.  By Sarah Lacy, with Brian Grow in Atlanta
BW MALL
SPONSORED LINKS
Get BusinessWeek directly on your desktop with our RSS feeds.
Buy a link now! Add BusinessWeek news to your Web site with our headline feed. Click to buy an e-print or reprint of a BusinessWeek or BusinessWeek Online story or video. To subscribe online to BusinessWeek magazine, please click here. Learn more, go to the BusinessWeekOnline home page  | | |
 Copyright 2005, by The McGraw-Hill Companies Inc. All rights reserved.Terms of Use | Privacy Notice |
Printer-Friendly Version