Tag Archives: Antivirus

Do You Really Need an Antivirus Software Today?

March 21, 2017 Sam Broadbent

There was a time when viruses and malware were a major threat, even for an average desktop or laptop user. This was the time of Windows XP, which didn’t have an AV program of its own (later Windows OS came with built-in AV programs, such as, Windows Defender in Windows 7 and 8), and the operating system itself wasn’t exactly robust and secure enough to ward off the unwanted programs.

Times have changed now. Not only there is a considerable decline in major virus and malware floating around, but the operating systems, too have evolved greatly to tackle this problem. Brian Dye from Symantec (a leading provider of security products) himself declared in 2014 that antivirus was dead. This surprised, and even shocked a number of people, even though Dye was referring to the declining sales of AV products.

The reason why sales of AV programs have declined is because the majority of businesses have moved beyond traditional software protection. They now invest in comprehensive AV systems rather than standalone products and focus on adaptive approaches instead. Of course, another reason is that most computer users are unaware of the benefits that paid AV programs offered, and are content with their free versions.

Today, a huge percentage of computer users don’t use AV programs anymore. But what about businesses? Do they need an AV program? Perhaps not.

How Microsoft Affected the AV Market

For a long time, AV companies such as Norton and Avast made tons of money selling their security products. Everyone was afraid of viruses, which was why they would buy an AV program the first time they bought a new system. However, when Microsoft released Windows 7, which had many features, but mainly the built-in security program Windows Defender, it gave the commercial security companies a run for their money. After all, it was a great product, and did a terrific job, for free! Who would want to pay for another AV product, when this one came pre-installed, and cost nothing?

After the release of Windows 7, a lot of AV companies started rolling out free versions or trial versions of their products to increase sales, but the damage was already done.

Malware Bringing Ransomware

While virus attacks have declined, it won’t be correct to say that computer systems don’t have any security risks. Yes, trojans and malicious programs are rare these days, but these have been replaced by other forms of programs, mainly the adware and ransomware. These programs don’t directly harm the system, but increase the system’s overhead, and pose the risks of fraudulent activities (ransomware).

What’s the Solution?

You can absolutely protect your computer system from harmful programs without shelling out money. The first thing you must do is make sure that Windows Defender and Firewall are both enabled. These two will protect the system from the majority of the attacks. Secondly, install a basic version of a malware protection software, or AV software, just to be sure.

The suggestions above are for desktops and laptops. They can’t protect your server, which is why you need a good online backup solution. Even if you have an expensive AV program, it is best to invest in a decent cloud backup solution. This is because no AV solution is foolproof, and you wouldn’t want your important documents and files to be compromised. Before you make your final decision to pick a cloud backup and data storage company, make sure they are offering additional services, such as: data mobility, data security, disaster recovery, virtualization, business continuity, and more.

Nasty! A Malware your Antivirus can’t Detect.

August 5, 2014 Kris Price

Well this is one way to ruin an IT Manager’s morning coffee, a new form of Malware has been discovered that wont be detected by standard antivirus.

An article published on the Register this morning details a rare form of malware that can steal data off a machine without installing any files. The malware is extremely difficult to detect as it will set up home within the computers registry, hence antivirus being unable to detect any suspicious looking files on an infected machine. Nice!

In a report Paul Rascagneres stated, “All activities are stored in the registry. No file is ever created. So, attackers are able to circumvent classic anti-malware file scan techniques with such an approach and are able to carry out any desired action when they reach the innermost layer of [a machine] even after a system re-boot. To prevent attacks like this, anti-virus solutions have to either catch the initial Word document before it is executed (if there is one), preferably before it reached the customer’s email inbox.”

Paul Rascagneres (@r00tbsd) has a reputation for ripping malware and bots to uncover and undermine black hat operations. Last year, Rascagneres won the Pwnie Award at Black Hat Las Vegas for tearing through the infrastructure of Chinese hacker group APT1.

The code has been spread, somewhat typically, through email. The mail, currently being sent under the guise of Canada Post and UPS tracking information, carries a Word Document containing the malicious code. Once opened, this then creates a hidden encoded autostart registry key, subsequently executing shellcode and a binary payload (this is the bit that allows any hacker access to a device).

Rascagneres added, “This trick prevents a lot of tools from processing this malicious entry at all and it could generate a lot of trouble for incident response teams during the analysis. The mechanism can be used to start any program on the infected system and this makes it very powerful.”

Backup your Data: The Effectiveness of Antivirus Products

January 9, 2013

The results from a recent study that investigated the effectiveness of the antivirus products that are currently available in the market have been released. The results showed that anti-virus products are not all that effective against new viruses, which makes the need for having a suitable and robust backup solution in place more important.

The study was undertaken by Imperva and a group of students from Technion-Israel Institute of Technology. They tested 82 malware samples against 40 different antivirus products to test how effective the products are in detecting viruses. The results are quite frightening as the detection rate for newly created viruses was less than 5%. This is quite concerning. If your company was to be targeted by a new virus, the likelihood of it infiltrating your system and possibly changing or deleting data is very high. Therefore, having a suitable and robust backup solution in place is important so you can recover any data, servers or standalone machines that have been affected.

Although the antivirus companies are constantly updating their antivirus detection databases, the study found that they are struggling to keep up with the rate of how quickly new viruses are being created. For some antivirus vendors, a virus isn�t detected for up to four weeks from the time of the initial scan. By utilising an antivirus product from one of these vendors, your system could be affected by the virus for a reasonable period of time and cause significant harm before it is detected.

Despite these finding, Imperva did stress the need to continue to use antivirus products but that a greater security focus should be put on using technologies that detect abnormal behaviour in systems and servers. They believe that such a combination will offer greater coverage and significantly help in detecting viruses. Although many antivirus products purport to contain such technologies already, the results from this latest study suggests that they are far from effective.

With exploiters continuing to learn the strengths and weaknesses of antivirus products and developing more sophisticated viruses, the importance to ensure that your data is recoverable increases dramatically. Ideally a secure offsite and onsite backup solution will be utilised alongside a modern antivirus product so no matter what happens your data and servers can be recovered and will reduce the overall impact.