Given that we are an Orlando IT support company, we get a lot of local professionals asking us whether or not their company needs anti-virus software.
There was a time, not so long ago, that anti-virus protection was seen as an adequate stand-alone security measure against malware. It seemed like, with every new threat, anti-virus companies were updating their software with the signatures of those threats quickly enough to minimize damage – and that worked for the most part. It wasn’t perfect (no security measure is) but it was adequate for the threats of the day, and it kept billions of computers and users safe.
But, as history shows us time after time, cybercriminals and their malware are evolving to be more dangerous and sophisticated with each attack. These criminals have gone around anti-virus’ reliance on malware signatures and have designed polymorphic threats that change frequently to outpace anti-virus companies’ ability to create and disseminate signatures to users in time.
In fact, not only has the effectiveness of anti-virus software subsided in recent years, so has the effectiveness of other signature and behavior-based security tactics such as:
- Web Gateways
These traditional protections, (anti-virus included) rely heavily on malware signatures and patterns of misbehavior to identify and block incoming threats. They know that it takes time for malware researchers and companies to catch up to constantly-changing threats. This lag time represents a golden opportunity for polymorphic threats to infiltrate, infect and propagate before being noticed.
Anti-virus: Protection from the Outside Leaves the Inside Insecure
A major drawback to anti-virus, and part of the reason for more robust forms of cyber protection, is that it protects only from external threats. Once sophisticated malware is inside a computer it can hide, replicate and disable the protections of its host. From inside, it communicates with command and control (CnC) servers for malicious directives to steal data, lie dormant or attempt to infect other machines.
This “communication” stage of this type of advanced attack is often successful because anti-virus software technologies rarely look for outgoing malware communication – leaving IT administrators unaware of a hole in their networks until after damage has been done.
With hundreds of millions of new malware variants each year, anti-virus vendors know that only minimal protection is now offered by their products. Research has shown that 90% of malware binaries morph within an hour – making anti-virus software easy to bypass due in part its signature-based detection systems.
Despite its apparent lack of protection against sophisticated attacks, anti-virus software is still a vital element of IT security strategies as companies increasingly employ it as a complementary mechanism to advanced security. Advanced security measures analyze the malware that anti-virus misses and blocks the malware from callback communications – securing data and networks against theft and further propagation.
Are you worried that your IT security is making you vulnerable to advanced malware attacks? Contact us today to get a complete assessment and options to improve your security.