security, humor, vendor-bashing,

Blended Threats == Hemlock Smoothies

Andrew Jaquith Andrew Jaquith Follow Feb 11, 2006 · 1 min read
Share this

An open letter to all anti-virus software makers:

February 2, 2006 Dear Antivirus Industry,

Why are you so addicted to the term “blended threat”? It seems to mean something special to you… but it means nothing to anybody else. Certainly not to Grandma or to security professionals who don’t work for anti-virus companies.

To the lay person, a “blended threat” might be what happens when someone slips arsenic or hemlock into their Starbucks frappucino. That’s what you meant, right?

Oh, silly me. You meant “a complex program that targets multiple weaknesses in computer networks and uses multiple distribution methods to spread” (Trend Micro’s definition). But doesn’t that describe the behavior of every sort of malware that’s seen today?

Grandma doesn’t get infected by “blended threats” – she gets infected by:

  • Adware that spies on her and makes her computer sluggish and unusable
  • Viruses and worms that wreck her hard drive
  • Keyloggers and trojan horses that steal passwords and credit card numbers and send them to nasty mean people in Lower Slobovia

We don’t get it. Characterizing malware as using more than one vector of attack may be technically correct but it isn’t the point – it’s the consequences that matter.

The term “blended threat” might have been useful toyour marketing efforts in 1998, but it seems a bit quaint in 2006 – rather like describing today’s automobiles as “horseless carriages.” Please stop.


Everyone Else

Andrew Jaquith
Written by Andrew Jaquith Follow
I’m Andrew Jaquith, a Managing Director in financial services. I have worked for JP Morgan Chase and Goldman Sachs. Previously, I was CTO SilverSky, and former analyst with Forrester and Yankee Group. My interests include security and risk, anything data-related, app development, visualization, good writing and spirited discussion.