The IT security industry is no stranger to urban myths: stories that spread and over time become accepted as general truths. Panda Security has been asking its community, mainly through Facebook and Twitter, which myths come to mind when talking about antivirus security companies, and below we offer the top five replies and their arguments:

1. Antivirus security companies make the viruses. This is a claim we have often heard at Panda Security throughout our 20 years in the business, and no doubt the same goes for other companies in the sector. The claim is absurd, particularly if you think that we receive around 55,000 new viruses every day. Also, I think this would be a very difficult secret to keep under wraps for the more than 20 years the industry has been protecting users. One of the real problems that we have had to resolve in the sector over this time is how to process all of this malware in order to protect our users.
2. Security companies hire hackers. Obviously, here we cannot speak for the rest of the industry, but at Panda Security this is an issue that has always greatly concerned us, and we have never knowingly contracted hackers who have operated “on the dark side”. We have however (and we are always on the lookout) contracted white-hat hackers. Another variation of this myth is that you have to be an IT engineer to work in security, which is also false. The profile of those who work at Panda is highly varied: Engineers, mathematicians, physicists, self-taught, etc. What all of them have in common is a genuine interest -sometimes a real passion- in IT security.
3. There are no viruses for Mac, Linux or cell phone platforms. We would all like this to be true! It is commonly held that none of these present any risks to users, as viruses are only designed for Windows platforms. The truth is that there are viruses for all these platforms. The difference lies in the amount of threats circulating in comparison with those designed for Windows. The explanation is simple: hackers are looking for profit. If the aim is to reach as many people as possible and consequently more potential victims to steal from, what is the best target? A platform with 10 million users or one with 500 million? The answer is obvious.
4. It requires a lot of knowledge to be a hacker, create viruses, infiltrate systems… in some cases yes, in others no. Some years ago it was difficult to develop viruses, worms, Trojans, etc., and it required technical know-how. In fact many of the hackers started out “playing around” while they learnt, and acquired significant knowledge of programming languages, communication protocols, etc. Today this is no longer necessary, but in the case we witnessed recently with Operation Mariposa, those responsible had quite limited knowledge. This is because kits are sold across the Internet which allow the uninitiated to generate and configure malware. We wouldn't quite say that anyone can do it, but with a little bit of knowledge and dedication, it's possible to construct, for example, a botnet capable of infecting 13 million computers around the world.
5. Women don't work in security companies. This assumption is as frequent as it is untrue. At Panda Security at least this is clearly untrue: more than 30% of the workforce are women, many in technical or management areas. This figure is growing, as an increasing amount of women are training for sectors such as IT security.