The small-town center of Spain's anti-virus fight

About 100 kilometers in from the Mediterranean coast lies Valencia's Vall d'Albaida, and the small town of Ontinyent, a long-standing center of blanket making. Less well known is that Ontinyent is also home to Ontinet, a company that distributes the software of one of the world's best-known anti-virus manufacturers, ESET, to around 3.5 million customers in Spain.

Ontinet was set up by Vicent Coll in 1992, and began by selling computers and office equipment. But Coll saw the potential of the internet early on, particularly the need for anti-virus systems.

The company's big break came when it became a distributor for Slovakian company ESET, which produces NOD32 and Smart Security, two of the PC world's most popular anti-virus systems.

"In reality," says Robert Lipovsky, head of Ontinet's Malware research team, "protecting computers is more complex than people realize, because it's not just about protecting against viruses; there are grey areas, where pernicious viruses have wormed their way into systems." He says the big problem is in the dubious way some applications store data or manage traffic. "The source code in itself is not particularly malicious, but companies say they are not doing anything illegal, so we have two problems: working out the technical aspects, and then deciding on whether or not a program should be blocked."

The majority of Ontinet's sales are online, through its website, the majority of them anti-virus licenses. Spain still lags behind in online sales.

"For us, it's a question of adapting the product," explains Josep Albors, head of the company's communication department. "We are not part of ESET as such, but we do work with them on virus detection systems."

Albors says that Spain's banking system has recently been the target of Trojan horse viruses, most of them originating from Brazil. He says part of the success in combating them has been due to language difficulties on the part of Portuguese hackers trying to get into Spanish-language systems.

"In general," he says, "the weakest link in the security system is the one between the chair and the monitor." Lipovsky agrees, but says the problem doesn't just apply to would-be wrongdoers.

Many problems related to computer use originate with people who do not fully understand how their operating systems, applications and computers work. In response, Ontinet has undertaken a mass awareness campaign in the media about the need to be more security conscious.

Fernando de la Cuadra, education director at Ontinet.com, has regularly been interviewed about user behavior by national and regional/local media. He is also a regular contributor to national and specialist publications on software security issues.

Ontinet also issues regular threat-related news releases to keep people informed about specific risks, such as when attackers take advantage of news stories. After the 2010 Haiti earthquake, the company showed how attackers were using Facebook to distribute their malware.

"The strategy has been key to promoting our educational activities in the press. They have actively collaborated in the new messaging definition and implementation in all our communication materials, and have also been particularly active in pitching in our expertise on secure user behavior to the right media at the right time, generating a great number of opportunities to amplify our message," says De la Cuadra.