Sophos hits back at ‘scaremongering’ accusations

Sophos has hit back at a security company chief executive's claims that vendors like it and McAfee are "irresponsible" for using "scare tactics and publicity seeking gimmicks".

In an SC Magazine article, PineApp chief executive Rakash Gupta was quoted as saying that the vendors should concentrate on providing sensible and intelligent advice rather than making malware and other issues something to "be afraid of".

Gupta specifically picked on McAfee and Sophos which were trying to "capture computer owners' attention and their cash".

He pointed at events such as spam's 30th birthday when Sophos created a Facebook group called the Sophos Spam Pledge' and urged people to take an oath of allegiance to not buy goods advertised on spam, as well as recording it on video.

He said: "Sophos would not disclose the number of people that had taken its oath. The YouTube video was been seen over 2,000 times but this is by no means an indicator of pledgees'. Oh, and it hasn't really stopped spam either."

Sophos security analyst Graham Cluley unsurprisingly refuted the claims: "We try and raise awareness, and we hope that what you see from Sophos and our videos is that we don't try and plug our products."

He added: "It's more about saying this is the threat, and this is how you have to be more careful with passwords or spam'."

Cluley said that rather than trying to scare people, the videos Sophos created were aimed at giving sensible advice about the problem.

However, Cluley did say that security threats need to be kept in proportion.

He used the example of mobile phone malware. While interesting and newsworthy, they are as yet very unlikely to be encountered, compared to problems like malware in Windows.

Companies need to put things in context, and tell people the true level of the threat, he added.

He said about the media hype of the Conficker/ Downadup worm: "We [Sophos] have actually been quite reserved on Conficker. We haven't been jumping on that bandwagon of millions of users [being infected].

"We've said look, there's ways to protect against this without even using anti-virus software. A patch can be used to stop this from spreading."

He added: "In our view, there was never a big emergency in the Conficker worm as some worms from the past a few years ago."

In the article, Gupta also criticised McAfee's marketing moves, highlighting the firm's recruitment of a mother of three as what it called the 'Industry's First Chief Cyber Security Mom' and releasing a survey which rated cyber dangers as being as dangerous as drink driving or experimenting with drugs.

McAfee refused to comment, while PineApp couldn't be reached by the time of writing.