Forever and a half, I have had to explain to clients why their computers get infected with every kind of malware imaginable despite the fact that they have an antivirus program on their computers. Every person insists they don’t know how it got there and that they never visit “those” kinds of sites.
Of course, inevitably, and with a bit of digging, most of them do. They just don’t realize that the danger can come from ANY site, not just “those” sites. I’ll leave it to you to figure out what “those” means…since it covers a lot of what people see as the underbelly of the Internet. For a long time now, we have warned every client we have that any antivirus suite is at best 80% effective in catching and preventing most modern-day infections. The truth is that estimate is probably wildly optimistic, but was based entirely on our own experience and anecdotal evidence.
So it was with great interest that I saw this article this week, talking about Antivirus pioneer Symantec and their admission that Antivirus programs are slowly dying.
It’s worth a read. The main problem comes down to something they only barely discuss. Forget all the tech talk about backdoors, PUPs, hijacks, heuristic algorithms and the like. What it really comes down to is two things.
First, the method of infecting machines has changed in the past few years. No longer are we worried about opening attachments in an email. Now, it’s the “drive by” infection of a hijacked web link from a site you assumed was safe. Or the game program that doesn’t tell you about the annoying program it piggybacks onto your system that opens up all kinds of routes in. The old ways to protect yourself, the things that antivirus programs could protect against, no longer apply.
More important, though, is this. The bad guys are ALWAYS several steps ahead of the good guys. It is a constant and losing game of catch-up for the white hats, discovering bugs, holes, and exploits that the black hats have been using for ages. The good guys just don’t think the same way and thus can’t come up with the same workarounds. Even when they convert some of the most legendary black hat hackers out there…they lose touch and the new guys come up with new ways to get in and annoy us.
The best analogy of this came from some comments I once heard about fighting terrorists. The good guys are always a few steps behind the bad guys…because no sane person would ever think of doing what the worst criminals would consider doing.
So if Antivirus programs are hit and miss at best, how do you protect yourself? Stay tuned as we discuss that again, because the answer isn’t one you’re going to like…because it’s all about you.