Why AntiVirus Isn’t Enough

by Steve Deal on August 22, 2012

I’ve got AntiVirus software on my computer – how could I get infected?

How can that happen?  AntiVirus software alone is becoming less and less effective.

Classic AV software is like the ‘no fly’ list maintained by the airlines. If your name is on the list, you are not supposed to get on the airplane. AV programs maintain lists of known viruses and malware, and when a new potential threat appears, it is checked against the list. These lists are updated frequently, with most programs getting a daily update.

What are the problems here?

  • Somebody at each of the AV companies has to ‘discover’ the new malware, and put it on the list.  Until then, it’s ‘in the wild’ and can freely infect your PC.
  • The hackers are disguising their programs by encoding or encrypting them – it’s a ‘terrorist in disguise’, and very difficult to detect.
  • Hackers can easily test malware online against 42 AV vendors for free to see if it is detected.
  • There are non-file ways into a PC – directly over the network or internet (through unprotected ports / services).
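To make the ‘no fly’ list idea concrete, here is a small added example (not from the original post, and not any AV vendor's code) of a list-based scanner run over a harmless constructed sample. The sample bytes, the marker string, and the single-byte XOR standing in for ‘encoding’ are all assumptions made for illustration.

```python
import hashlib

# Constructed, harmless stand-in for a "known bad" file (not real malware).
KNOWN_SAMPLE = b"HEADER::demo-marker-0001::this is a harmless constructed sample"

# The scanner's "no fly list": exact file hashes plus a byte pattern.
HASH_LIST = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}
PATTERN_LIST = [b"demo-marker-0001"]


def scan(data: bytes) -> str:
    """Return which list entry matched, or 'clean' if nothing did."""
    if hashlib.sha256(data).hexdigest() in HASH_LIST:
        return "hash match"
    if any(p in data for p in PATTERN_LIST):
        return "pattern match"
    return "clean"


def xor_encode(data: bytes, key: int) -> bytes:
    """Single-byte XOR, standing in for the 'encoding' the post mentions."""
    return bytes(b ^ key for b in data)


def demo() -> dict:
    """Scan the same content in four forms and collect the verdicts."""
    padded = KNOWN_SAMPLE + b"\x00"           # one extra byte: hash changes
    encoded = xor_encode(KNOWN_SAMPLE, 0x5A)  # every byte changes
    return {
        "original": scan(KNOWN_SAMPLE),
        "padded": scan(padded),
        "encoded": scan(encoded),
        # Once decoded (as it would be when it runs), the list matches again.
        "decoded": scan(xor_encode(encoded, 0x5A)),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:9s} -> {verdict}")
```

The encoded copy comes back ‘clean’ even though it carries the same content, which is why a list lookup on its own needs the other layers described below.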

So what’s the answer?

AntiVirus alone is not enough.   But I do still think AV is relevant and necessary as part of a multi-part strategy for safety.

  • Use an Antivirus product – it will block the ‘known’ evils.
  • Use a hardware Firewall.
  • Keep your PC Patched, so that malware that does get through is less likely to do damage.

