Wednesday

Symantec Says Antivirus Is Dead - Wait, What?

You may have seen the recent stories regarding security company Symantec declaring the death of antivirus software - a pretty startling statement. What does this mean, we shouldn't use antivirus software anymore? No, it doesn't mean that, but it does mean that the bad guys have moved ahead and are pretty effective at gaming the AV software, such that MOST viruses get through the usual defenses. It follows that we need to look at other things to help mitigate our exposure to all kinds of malware. Security guru and blogger Brian Krebs has a good overview of the current situation, written in a user-friendly manner here (excerpt below).
About 15 years ago, when the antivirus industry was quite young, there were far fewer competitors in the anti-malware space. Most antivirus firms at the time had a couple of guys in the lab whose job it was to dissect, poke and prod at the new crimeware specimens. After that, they’d typically write reports about the new threats, and then ship “detection signatures” that would ostensibly protect customers that hadn’t already been compromised by the new nasties.

This seemed to work for while, until the smart guys in the industry started noticing that the volume of malicious software being released on the Internet each year was growing at fairly steady clip. Many of the industry’s leaders decided that if they didn’t invest heavily in technologies and approaches that could help automate the detection and classification of new malware threats, that they were going to lose this digital arms race.

So that’s exactly what these firms did: They went on a buying spree and purchased companies and technologies left and right, all in a bid to build this quasi-artificial intelligence they called “heuristic detection.” And for a while after that, the threat from the daily glut of malware seemed to be coming under control
.
KrebsOnSecurity


No comments :