"Is
it really necessary to have an antivirus installed on my devices?" Answering yes or no to this question, which is often heard in different environments, from the most technical and specialist to end users without much knowledge of technology, is never quick. It usually generates long discussions about the performance of the device, the usability of security solutions, the privacy of the user and a number of other topics that often extend the conversation. I already know that, because I work at a security company like ESET, you will be thinking that my answer is going to be strongly biased towards yes, which is totally true. However, as a security professional who has been working on these issues for several years, I have learned a lot about threats and the ways they spread. Therefore, I am going to list seven facts that will help you form an idea about what to do.
1. Diversity of threats
Today there are many types of threats spreading and affecting users. Although the term "antivirus" has stuck in the collective subconscious, these tools have evolved from detecting only computer viruses into complete security solutions that provide many other functions, such as a firewall, antispam and anti-phishing filters, or memory scanning, among others. Together these provide comprehensive protection for the system and allow you to browse safely in the current threat landscape.
2. Variety in the way of spreading
Undoubtedly, social engineering is one of the main mechanisms attackers use to spread their threats, and user interaction is often needed to run a file, open a document or download something on a mobile device. From there, the infection begins.
However, it is not the only thing that attackers use, as there are techniques that do not require a user to interact with the threat in order for it to be installed. For example, injecting an iframe into a vulnerable website can allow an attacker to install something on the user's device without the user being aware of what is happening. But a security solution will detect this malicious behavior.
3. Growth in the number of detections
A few years ago, when I started working at ESET, we used to say that on average around 200,000 different samples were processed every day; at the end of 2016 this number was close to 300,000. And that is without forgetting that ESET alone releases updates of several thousand signatures for malware targeting Windows every few days.
If we add to the above the fact that what we see at ESET is not everything that can happen in the cybercrime ecosystem, these numbers may be higher.
4. Vulnerable technologies accommodate different threats
Computer threats take advantage of flaws and vulnerabilities not only in particular versions of an operating system but also in applications, which opens the possibility of an infection regardless of the version of the operating system used. Added to this is the variety of languages used by attackers, which extends their possibilities of affecting systems: everything from compiled languages to scripting languages is used to attack various platforms.
5. Affected platforms
Without a doubt, most malicious code is focused on affecting Windows operating systems, but it is becoming increasingly common to find threats to other systems such as Mac OS X or Linux, despite the fact that many continue to believe in their invulnerability. There is even malware for mobile systems like Android or iOS, so it's time to understand that there are no risk-free platforms.
6. Concentration of threats
It is a reality that a security solution will not stop all the attacks that a user may be a victim of, but it will serve to prevent infection in the vast majority of cases. Considering the growth in the amount of malicious code circulating, it is important not to leave protection to chance.
7. Use of the device
The way the device is used is essential to preventing infection. When it is shared, the chances of being a victim of a cybercriminal increase. For example, have you thought about what your son, cousin, uncle or girlfriend might download when you lend them your device so that they can be distracted for a while?
Beyond the discussion about who you should or should not lend your phone to, someone who gains control for a moment could execute something malicious by mistake or ignorance. And if we talk about strangers, the possibility increases and includes the potential intention to do harm.
It is true that having a security solution is not enough. Making sure we are safe goes beyond just having an antivirus installed: knowing the threats and how they spread, in addition to making adequate use of technology, mainly by keeping operating systems and applications updated, helps to provide real protection against all kinds of threats.
There are those who say that having antivirus software installed increases an attacker's chances of compromising a system, because they could take advantage of vulnerabilities in these tools. And to a certain extent they are right: installing a new application on the system extends the attack surface. But, in this particular case, it helps prevent many more threats than it could cause. Also, if we are talking about a product backed by a reliable security company with a track record in the market (that's right, I was also thinking about ESET), these problems are solved very quickly, preventing an attacker from taking advantage.