Have you heard? Antivirus software is dead — at least according to Symantec, maker of Norton Antivirus. But they’re still making Norton Antivirus and want to sell it to you, so what does this statement even mean?
Antivirus software is still helpful. It’s an important layer of security. But, now more than ever, you shouldn’t rely only on antivirus software. Traditional antivirus software doesn’t catch many threats.
Traditional antivirus software detects viruses in two main ways. One is through virus signatures, which your antivirus software regularly downloads updates for. The antivirus company discovers a new piece of malware and pushes out an update for it. When your antivirus encounters a program file, it scans that file to see if it matches any known malware. If the file does match known malware, it’s blocked. Antivirus software also uses heuristics, which attempt to examine a file and detect if it’s malicious, even if the file hasn’t been seen before.
Attackers are getting better at bypassing these protections. If an attacker uses new malware, the antivirus won’t know about the malware and it won’t be detected. Heuristics aren’t perfect, and attackers can tweak their attacks to help them not be detected by heuristics. Attackers frequently use other tricks that aren’t malware, such as phishing and other social engineering tricks.
Brian Dye told the Wall Street Journal that antivirus software now catches only 45% of “cyberattacks”, so this figure includes other types of attacks that aren’t simply malicious software.
Businesses are the target audience here. Symantec is telling businesses that antivirus software isn’t good enough anymore. If a business doesn’t want to get hit with a major data breach like the one Target suffered, they’ll need more advanced intrusion detection and security services. As a matter of fact, Target was paying FireEye for their services and they actually detected the breach ahead of time. Target chose to disable automatic protection and ignore all FireEye’s warnings, which could have halted the attack. Businesses are more under siege than home users because attackers want to make a profit, and there’s more profit in stealing business data.
If you’re an average home user, you should know that Symantec isn’t really talking to you here. They’ll still tell you that antivirus software is important. They just want to shift towards selling higher-value security services to businesses. As the Wall Street Journal puts it: “It would be impractical, if not impossible, to sell such services to individual consumers.”
But you can’t rely only on antivirus software to help keep you safe. If you start downloading pirated software from illicit websites and opening dangerous programs that arrive as email attachments, you’ll probably get infected with something. Your antivirus program will fight the good fight and should even catch most of this malware, but some malware will eventually slip through if you’re not exercising proper computer security practices.
There are also other threats that aren’t malware. An antivirus won’t stop you from using the same password everywhere and having your accounts compromised, nor will it stop you from falling for phishing emails and giving away your financial details to an attacker.
Antivirus software helps, but it’s not a perfect solution. For businesses, this means turning to other security precautions and even expensive security products — hey, FireEye could have saved Target money if they actually listened to the warnings they were paying for. For typical computer users, this means obeying good computer security practices and not just counting on antivirus software to protect you.
Antivirus software is still helpful. It’s an important layer of security. But, now more than ever, you shouldn’t rely only on antivirus software. Traditional antivirus software doesn’t catch many threats.
Why is Antivirus Software “Dead”?
In an interview with the Wall Street Journal, Symantec’s senior vice president for information security Bryan Dye said antivirus software “is dead.”Traditional antivirus software detects viruses in two main ways. One is through virus signatures, which your antivirus software regularly downloads updates for. The antivirus company discovers a new piece of malware and pushes out an update for it. When your antivirus encounters a program file, it scans that file to see if it matches any known malware. If the file does match known malware, it’s blocked. Antivirus software also uses heuristics, which attempt to examine a file and detect if it’s malicious, even if the file hasn’t been seen before.
Attackers are getting better at bypassing these protections. If an attacker uses new malware, the antivirus won’t know about the malware and it won’t be detected. Heuristics aren’t perfect, and attackers can tweak their attacks to help them not be detected by heuristics. Attackers frequently use other tricks that aren’t malware, such as phishing and other social engineering tricks.
Brian Dye told the Wall Street Journal that antivirus software now catches only 45% of “cyberattacks”, so this figure includes other types of attacks that aren’t simply malicious software.
Businesses Are the Audience, Not Individual PC Users
It’s no coincidence that this statement was made in an interview with the Wall Street Journal. Symantec wants to start competing with business security firms like FireEye, which specialize in helping businesses prevent and deal with breaches. Rather than simply selling antivirus software to these businesses, they want to sell other security services. These services include briefing businesses on threats, analyzing networks for suspicious behavior, and detecting intrusions.Businesses are the target audience here. Symantec is telling businesses that antivirus software isn’t good enough anymore. If a business doesn’t want to get hit with a major data breach like the one Target suffered, they’ll need more advanced intrusion detection and security services. As a matter of fact, Target was paying FireEye for their services and they actually detected the breach ahead of time. Target chose to disable automatic protection and ignore all FireEye’s warnings, which could have halted the attack. Businesses are more under siege than home users because attackers want to make a profit, and there’s more profit in stealing business data.
If you’re an average home user, you should know that Symantec isn’t really talking to you here. They’ll still tell you that antivirus software is important. They just want to shift towards selling higher-value security services to businesses. As the Wall Street Journal puts it: “It would be impractical, if not impossible, to sell such services to individual consumers.”
Yes, You Should Still Use Antivirus Software
he same Wall Street Journal article also refers to antivirus software as “necessary but insufficient.” This is very true. If you’re using a Windows PC, antivirus software can help protect you from malware. Malware that arrives due to a zero-day vulnerability in a web browser or plug-in you use, so just being careful isn’t always good enough.But you can’t rely only on antivirus software to help keep you safe. If you start downloading pirated software from illicit websites and opening dangerous programs that arrive as email attachments, you’ll probably get infected with something. Your antivirus program will fight the good fight and should even catch most of this malware, but some malware will eventually slip through if you’re not exercising proper computer security practices.
There are also other threats that aren’t malware. An antivirus won’t stop you from using the same password everywhere and having your accounts compromised, nor will it stop you from falling for phishing emails and giving away your financial details to an attacker.
Antivirus software helps, but it’s not a perfect solution. For businesses, this means turning to other security precautions and even expensive security products — hey, FireEye could have saved Target money if they actually listened to the warnings they were paying for. For typical computer users, this means obeying good computer security practices and not just counting on antivirus software to protect you.
0 comments:
Post a Comment