Anti Virus Software Is A Farce
Following up on a recent post I read on LinkedIn, I decided to write this as a blog post because of the limit on the number of words one can write on LinkedIn.
Many may disagree with me on my viewpoint, but that is their choice and based on their own experiences. I have been in the technology services and consulting space for most of my adult life spanning two decades, and the one thing I have seen more often than not is the false sense of security anti-virus software gives to a computer user.
Antivirus Software is a farce, plain and simple. It offers a false sense of security, one which allows users to lower their guard due to the notion that they are protected. While there is a defined/prescribed benefit of having antivirus software, the best defense against malicious software is an educated & cautious user.
As an IT professional I am a firm believer in the principle of self-preservation & as such my devices are not protected by reactive and primitive A/V junk. The stuff that we all have come to accept as a way of life, you know, the crap that comes bundled with every desktop, laptop or PC you buy. It is free for 30 days and then it's a pain for the rest of your life if you do not buy it. Out of fear, many buy it, and then it is all downhill from that point forward.
Anti Virus software is excellent at stopping known threats and in some cases exceptional at detecting future risks based on signatures, but anything else is fair play, and free for all to hack and attack. The principle behind how anti-virus software works is pattern matching: files are compared against a database of known rogue signatures. This was great when we were merely dealing with nonadvanced threats, but now that viruses, malware, and other such threats are distributed using more sophisticated techniques to hide their signatures, a signature-based detection system is at best backward.
Malware authors, hackers, and attackers can stay one step ahead of software companies that write anti-virus software by writing “oligomorphic,” “polymorphic” and, more recently, “metamorphic” viruses. These types of infections and malware utilize encryption to avoid detection, and in many cases the more advanced threats can mutate on the fly as a method of disguise, to prevent detection and exposure.
This poses a huge (as in Donald Trump huge) problem, for which there are no walls one can build to protect oneself from such threats, nor is there any border check that would highlight an illegal program crossing into your hard drive or the memory of your device. Moreover, there is no one to hold accountable and make pay for the damage and havoc such a program can bring upon you.
Well, let’s start by understanding the basic mechanics of how one contracts a virus or other threat on their computer, laptop or any device for that matter. Most malware is transmitted via the internet as a source and further propagated by way of sharing and distributing files on a USB stick or network, and last but not least directly from websites in real-time. So knowing where the entry points are makes it a bit easier to tackle.
So what are some of the best practices that every computer user should engage in?
Technology has come a long way, but our use of technology & behavior is still primitive.
Just because you have a gun safe does not make your gun safe. It is your responsibility to ensure that it is and remains safe through safe practices & precautions to prevent it from becoming unsafe. If that makes sense.
There are ways to prevent the spread of such things using multiple layers of security, everything from firewalls & safe lists to DNS filtering, IPS, IDS, and my favorite Anti-Executable software.
Rather than A/V software, I would instead use an anti-executable application, which is designed to permit only authorized files to be run and executed, thus avoiding the issue described in this article.
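To make the contrast concrete, here is an added example (not code from any A/V or anti-executable product) that runs the same files through a signature deny-list, as described above, and through a hash-based allow-list. All sample bytes are constructed placeholders and the function names are hypothetical.

```python
import hashlib

# Constructed sample data: harmless placeholder bytes, not real malware.
MARKER = b"KNOWN-BAD-PATTERN"      # pattern already in the vendor's signature database
SIGNATURES = [MARKER]              # deny-list of known-bad byte patterns

APPROVED_TOOL = b"approved accounting tool v1"
UNAPPROVED_UPDATE = b"approved accounting tool v2"   # legitimate, but not yet authorized
KNOWN_SAMPLE = b"header" + MARKER + b"trailer"
# Same content with its body re-encoded, standing in for a polymorphic variant.
MUTATED_SAMPLE = b"header" + bytes(b ^ 0x5A for b in MARKER) + b"trailer"


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Allow-list: hashes of the executables an administrator has authorized.
ALLOWLIST = {sha256(APPROVED_TOOL)}


def signature_av_allows(data: bytes) -> bool:
    """Default-allow: anything matching no known-bad signature may run."""
    return not any(sig in data for sig in SIGNATURES)


def anti_executable_allows(data: bytes) -> bool:
    """Default-deny: only files whose hash is on the allow-list may run."""
    return sha256(data) in ALLOWLIST


def compare() -> dict:
    """Return {sample name: (signature A/V verdict, anti-executable verdict)}."""
    samples = {
        "approved_tool": APPROVED_TOOL,
        "unapproved_update": UNAPPROVED_UPDATE,
        "known_sample": KNOWN_SAMPLE,
        "mutated_sample": MUTATED_SAMPLE,
    }
    return {name: (signature_av_allows(data), anti_executable_allows(data))
            for name, data in samples.items()}


if __name__ == "__main__":
    for name, (av, ae) in compare().items():
        print(f"{name:18} signature A/V allows={av!s:5}  anti-executable allows={ae}")
```

The mutated sample passes the signature check but is still refused by the allow-list. The cost shows in the `unapproved_update` row: every legitimate new binary or update has to be authorized before it will run.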
If you care to read the original post, hop over to LinkedIn.
If you or your organization is constantly battling malicious programs, viruses, ransomware, spyware, trojans, and any other type of destructive and disruptive software, and you’re looking for a resolution to such issues using multiple proven, battle-tested layers of security, then feel free to contact us by completing the form on this page or call us at (877) 948-3665.