View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 13, 2014

Symantec: Why virtual machines are a security risk

Security company seeks to fix ‘misconception’ among firms.

By Jimmy Nicholls

Symantec is warning companies not to become complacent on security when using virtual machines, despite only one in five malware samples being able to detect them.

Viruses that discover they are running on virtual machines will often stop executing code, which has led some to believe they are immune from attack when using them.

Candid Wueest, threat researcher at Symantec, said: "Malware authors have realized that it is suspicious when an application detects that it is running on a VM, so they have stopped using those features in recent years.

"Malware authors want to compromise as many systems as possible, so if malware does not run on a VM, it limits the number of computers it could compromise."

Viruses sometimes do not execute immediately in order to bypass security, either waiting for a computer to restart itself, or acting after a set number of mouse clicks.

"Along with applying traditional security practices, administrators need to pay particular attention to virtual connections between guest virtual machines themselves," Wueest said.

Content from our partners
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business
When it comes to AI, remember not every problem is a nail

"These connections might be invisible to traditional network security devices as they are not aware of them."

Malware samples investigated by the company showed those with the ability to detect virtual machines spiked at 28% during the start of the year, but the rate has remained fairly consistent since 2012, at around 20%.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.