Not a Silver Bullet
Kaspersky acknowledged that his cloud vision would not provide a "silver bullet" for all types of malware. At its heart, cloud-based scanners are like traditional antivirus software in that they are signature-based. Even if a new piece of malware emerges that exhibits the exact same behavior as a previously detected one, it would need to be analyzed separately before it could be detected as malicious. Criminals can recompile malware with slightly revised code so that it displays the exact same behavior, but looks different, Kaspersky told eWEEK. It's not in the "nature of the cloud" to detect slightly revised malware or to stop server-side polymorphic malware, which can change sections of the code automatically at specified intervals.So, while cloud antivirus services can weed out the script kiddies and amateurs who think dabbling in cyber-crime is a fun or cool way make money online, the problem of dealing with sophisticated, committed cyber-criminals will persist, Kaspersky said. In fact, driving out the amateurs migrates a larger volume of global cyber-crime toward a more "professional group" that's capable of more sophisticated threats. Spearphishing, in particular, will persist as a "deep threat," Kaspersky said. Nevertheless, once the bulk of the common malware is blocked, the IT security industry can focus on going after the "more dangerous stuff," Kaspersky concluded.
Furthermore, mobile malware is evolving rapidly and the market for exploiting mobile users is growing exponentially, making that another area of serious concern, Kaspersky said.