IS ANTIVIRUS SOFTWARE DEAD?
Have you heard? Antivirus software is dead, at least according to Symantec. But they are still making Antivirus and want to sell it to you, so what does this statement mean?
Antivirus software which is the best is still useful. It is an important layer of security. But now more than ever, you shouldn't rely solely on antivirus software. Traditional antivirus software doesn't detect many threats.
Why
Is Antivirus Software "Dead"?
In an interview with the Wall Street Journal, Symantec
senior vice president of information security Bryan Dye said antivirus software
"is dead."
Traditional antivirus software detects viruses in two main
ways. One is through virus signatures, for which your antivirus software
regularly downloads updates. The antivirus company discovers a new piece of
malware and releases an update for it. When your antivirus finds a program
file, it analyzes that file to see if it matches any known malware. If the file
matches known malware, it is locked. Antivirus software
also uses heuristics, which try to examine a file and detect if it is
malicious, even if the file has not been seen before.
Attackers are getting better at circumventing these
protections. If an attacker uses new malware, the best antivirus of all will
not know about the malware and will not be detected. Heuristics are not perfect
and attackers can modify their attacks to prevent heuristics from detecting
them. Attackers often use tricks other than malicious software, such as
phishing and other social engineering tricks.
Brian Dye told the Wall Street Journal that antivirus
software now detects only 45% of "cyberattacks," so this figure
includes other types of attacks that are not simply malicious software.
Businesses
Are The Audience, Not Individual PC Users
It is no coincidence that this claim was made in an
interview with the Wall Street Journal. Symantec wants to start competing with
enterprise security firms like FireEye, which specialize in helping companies prevent
and address breaches. Rather than simply selling antivirus software to these
companies, they want to sell other security services. These services include
informing companies of threats, analyzing networks for suspicious behavior, and
detecting intrusions.
Businesses are the target audience here. Symantec is
telling companies that antivirus software is no longer good enough. If a
business doesn't want to be affected by a major data breach like the one Target
suffered, it will need more advanced security and intrusion detection services.
In fact, Target was paying FireEye for its services, and they actually caught
the breach ahead of time. Target chose to disable automatic protection and
ignore all FireEye warnings, which could have stopped the attack. Businesses
are more threatened than home users because attackers want to profit and get
more profit from stealing business data.
If you are an average home user, you should know that
Symantec is not really talking to you here. They will still tell you that
antivirus software is important. They just want to shift towards selling higher
value security services to businesses. As the Wall Street Journal says:
"It would not be practical, if not impossible, to sell those services to
individual consumers.
The same Wall Street Journal article also refers to
antivirus software as "necessary but insufficient." That is very
true. If you are using a Windows PC, antivirus software can help protect you
from malware. Malware could arrive due to a zero-day vulnerability in a web
browser or plug-in you use, however, being careful is not always enough.
But we can just rely on antivirus software
to keep you safe. If you start downloading pirated software from illicit websites
and open dangerous programs that arrive as email attachments, you are probably
infected with something. Your antivirus program will fight the good fight and
should even catch most of this malware, but some malware will eventually escape
if you don't exercise proper computer security practices by keeping your antivirus
software updated.
There are also other threats that are not malware. And
antivirus will prevent you from all the malware and threats and it will prevent
you from falling in love with phishing emails and revealing your financial
details to an attacker.
So antivirus software is not dead, it just that we are not
using antivirus in the
right way and especially the right best antivirus for keeping us safe from all
the threats.
Comments
Post a Comment