EO Johnson Blog

Antivirus: Still Fighting Hackers On the Devil’s Cyber-Playground

Written by EO Johnson Business Technologies | Wed, Oct 26, 2016

Every time someone reports the death of the antivirus (AV), a new hacker gets his horns and a pitchfork.

It makes a great headline—but to date the bells have not tolled for the demise of the antivirus.

Viruses, like the ones that attacked old-school computers thirty years ago, are still with us, but they account for less than 10% of the forms of malware cybercriminals use to breach networks today. The internet isn’t safe and it’s not getting any safer.

Antivirus is the first line of defense.

Like locking the doors on your car, antivirus is considered a first line of theft defense because:

  1. Regulatory, governance and compliance requirements mandate its use.
  2. Antivirus advancements can detect new variants of threats.

The downside? Working alone, antivirus doesn’t offer the critical protection banks, healthcare organizations and other businesses need to keep hackers from stealing sensitive data.

Another downside is that many antivirus products show high false-positive rates, which bloat installations and significantly slow down or even shut down computers. Cyber security experts agree that traditional or stand-alone AV software can’t keep up with morphing threats unless it’s part of “multi-layered” protection.

Antivirus/Anti-malware—the name doesn’t matter.

Old school antivirus and today’s antivirus programs, commonly referred to as anti-malware, use the same fundamental technologies to protect your network:

  • Behavior detection – continuous monitoring of a network for unusual events or trends.
  • Change detection – statistical analysis to determine subtle changes in behavior and characteristics that may indicate malware activity.
  • Signature detection – signals the need to apply security measures against known malware (it needs regular updating to be sure it catches newly developed malware).

Managed security experts warn that security solutions should always involve signatures, no matter what vendors tell you. One “signature” can sometimes detect an entire group of malware with millions of permutations.

A multi-layered approach is key.

Antivirus as part of a multi-layered approach behaves like a network of security check points working to detect and destroy “multi-families” of malware. What’s important is that solutions for protection evolve with the emerging threats.

While malware is a serious problem, it’s also critical to know “how” the bad actors are getting access to your network. The best protection is to never open doors to cyber criminals in the first place. Detective work from a managed security services provider, for example, can determine the human and programming bugs allowing attackers inside.

It’s not easy. Cyberspace is infinitely huge. Massive amounts of traveling data require a vigilance never imagined in the early days of computers. Antivirus had its place then, and it does now—in spite of the growing complexities of cyber security.

One of the greatest deterrents to cyberattacks is staying informed. Cybercriminals count on victims believing cybercrime will never happen to them. So ignore the “antivirus is dead” marketing hype. Antivirus, working as part of your layered security plan, will help prevent another hacker from getting his horns and pitchfork into your network. That’s a headache worth avoiding!