In 1971, an American researcher called Bob Thomas created an IT program designed to travel across a network This program left a trace on all the computers it entered, printing a message saying “I AM THE CREEPER: CATCH ME IF YOU CAN.” This program became the first computer virus, spreading to mainframe computers manufactured by Digital Equipment Corporation.
To combat Creeper, Roy Tomlinson (who also invented the first email system) developed Reaper, a program designed to eliminate the virus. While this program was the first step towards an antivirus program, it wasn’t until two decades later that the first true antivirus programs started to be developed.
Pioneering antivirus solutions
In 1988, a worm called Morris Worm almost destroyed the nascent Internet. This incident was the impetus for the creation of cybersecurity as a discipline, and also lead to the creation of the Computer Emergency Response Team, the precursor of the US-CERT.
Two years later, in Bilbao, Panda Security, or Panda Software as it was then known, was founded. The name Panda Security comes from the Spanish word “pandilla”, meaning a group of friends, and this is exactly who founded the company: A group of friends. Since then, as the volume of work that we all do has grown, so too has this “pandilla” of friends.
The first antiviruses scanned all the binaries on a computer and checked them against a database of virus signatures. To begin with, this technology simply computed file hashes. Later on, the ability to search lists of strings found in malware was developed.
Although these antiviruses helped to protect computers against malware, they were far from perfect: In order to be able to scan all local files, they required a great deal of processing power, which interrupted user productivity. What’s more, the scans often turned up false positives.
The next step: EPP
While new antivirus capacities were being developed, the people creating malware were also busy. In the 90s, there existed a few tens of thousands of malware samples; by 2007, 5 million new samples were created every year. Traditional antiviruses couldn’t write new signatures fast enough to keep up with all the new malware samples. Something had to change. This is when the first Endpoint Protection Platforms (EPP) were created.
EPPs didn’t use static signatures to identify viruses; instead, they used signatures to identify entire malware families. The fact that most malware samples were variations of known malware helped EPPs a great deal, since it meant that they could defend against “the unknown”.
In 2007, Panda Security became the first security company to use cloud technology with its Collective Intelligence system, in the popular Panda Cloud Antivirus. Over the following years, the company devoted itself to implementing this technology in its full range of products. In 2014, Panda was recognized as the first endpoint protection platform manufacturer to fully commit to developing cloud-based security services.
Malware samples just keep growing
It is estimated that by 2014, over 500,000 new malware samples were created every day. With so many malware samples, signatures simply could not keep up. This is why, in 2015, Panda Security once against revolutionized the market. It created a cybersecurity model based on registering and classifying absolutely all active processes on a system. With this model, it is impossible for any malicious binary to run on protected endpoints. This model is also essential to be able to stop the latest cybercrime trends.
Lateral movements, live hacking…
According to Pedro UrĂa, director of PandaLabs, thanks to this model, malware is no longer a problem. However, there are other cyberthreats that can cause companies serious problems, threats that cannot be detected with signatures or other more traditional technologies. This is live hacking. This kind of cybercrime uses Living-off-the-Land techniques—the illicit use of tools already on the computer—to get onto the victim’s system. Once inside, the cybercriminals can carry out lateral movements to get on to more computers on the same system, and thus compromise the whole IT system.
Live hacking can be used to carry out all sorts of cybercriminal activities: From data exfiltration and industrial espionage, to ransomware and even stealing money.
Given that these kinds of attacks don’t use any kind of malicious file, they are very difficult to detect without constantly monitoring all of the activity on the system, the kind of monitoring provided by Panda Security.
30 years of growing and changing
Since it was founded 30 years ago, Panda Security has witnessed all the changes that the cybersecurity landscape has gone through; it has protected its clients against all kinds of cyberattacks. Throughout all these years, we haven’t stopped evolving to ensure that we are one step ahead of the latest cybercriminal trends.