Your antivirus software probably won’t prevent a cyberattack

mcafeePropaganda Alert! Quick! Pass Cybersecurity NOW!

CNN – by David Goldman

During a four-month long cyberattack by Chinese hackers on the New York Times, the company’s antivirus software missed 44 of the 45 pieces of malware installed by attackers on the network.

That’s a stunning wake-up call to people and businesses who think they are fully protected by their antivirus software.

“Even the most modern version of antivirus software doesn’t give consumers or enterprises what they need to compete in the hacker world,” said Dave Aitel, CEO of security consultancy Immunity. “It’s just not as effective as it needs to be.”

The New York Times said it had an antivirus system from Symantec (SYMCFortune 500) installed on devices connected to its network. The Chinese hackers built custom malware to, among other things, retrieve the usernames and passwords of Times’ reporters. Since that brand-new malware wasn’t on Symantec’s list of forbidden software, most of it was allowed to pass through undetected.

Symantec responded that it offers more advanced solutions than the one the New York Times (NYT) deployed.

“Advanced attacks like the ones the New York Times described underscore how important it is for companies, countries and consumers to make sure they are using the full capability of security solutions,” the company said in a written statement. “Antivirus software alone is not enough.”

The cold fact is that no single solution can prevent all cyberthreats. Sophisticated attackson networks routinely bypass network security systems, no matter how rock-solid they are — or claim to be.

“Commercially available solutions are available to everyone,” said Rohit Sethi, head of product development for SD Elements, a security firm. “It’s not hard for attackers to learn how to evade detection, and they’re coming up with ingenious ways of doing just that.”

The solution, security experts say, is to deploy technology that keeps a very, very close eye on what’s happening inside your network. You can’t always prevent attackers from getting in, but you can at least set tripwires to alert you when they do.

In the New York Times’ case, the company suspected that it would be attacked because of its investigation into Chinese Prime Minister Wen Jiabao’s family finances. It asked AT&T(TFortune 500) to monitor its network. AT&T quickly picked up suspicious signs. Two weeks later, when the extent of the infiltration became clear, the Times hired security consultancy Mandiant to track the attackers’ movements through its systems.

“Attackers no longer go after our firewall,” Michael Higgins, the Times’ chief security officer, told Times reporter Nicole Perlroth. “They go after individuals. They send a malicious piece of code to your e-mail account and you’re opening it and letting them in.”

From there, the best thing companies can do is track what attackers are doing.

“The question we always ask our customers is, ‘Do you know every program running on your network?” said Immunity’s Aitel. “When you know the answer to that question, you don’t need antivirus software. When you don’t, you’re screwed.”

Experts say that antivirus software is still a good, basic thing to have. Owning an antivirus solution is like putting the Club in your car — it’s not going to stop a determined thief, but it’s going to make stealing your stuff more difficult.

Antivirus software maker Avast, whose free antivirus software is among the most widely used, says there’s a major distinction between the kinds of threats encountered by everyday Web surfers and the carefully targeted attack the Times faced.

“Seatbelts and airbags are wonderful protection and improve the safety of millions, but they will not stop a bullet fired — say by a hired killer,” said Jindrich Kubec, Avast’s threat intelligence director. “Does it mean you will stop using airbags and seatbelts?”

Some antivirus solutions are better than others. In a recent analysts, Immunity simulated attacks against networks protected by the top-of-the-line software built by Symantec, Kaspersky Labs and Intel’s (INTCFortune 500) McAfee security division.

Immunity was able to break into the systems protected by Kaspersky and McAfee in two days. Symantec was the best of the breed, with Immunity unable to penetrate it in the several days it gave itself to achieve the task.

“New reputational-based software works to an extent,” Aitel said, referring to systems that aim to contextualize the threats they detect. “But deep down, nothing is as good has having a proper awareness about what’s going on in your network.”

8 thoughts on “Your antivirus software probably won’t prevent a cyberattack

  1. Do any of the antivirus software ever actually work?

    I mean let’s be real here. Antivirus software is a lot like a flu shot. It doesn’t protect your computer from getting a virus. It actually gives it a virus, causes seizures or glitches in the system and causes it to be slow or impaired for the rest of its life. It’s almost as if the CDC created the software itself. lol

    So really, why do we have or why do people even use antivirus software? Just another false sense of security.

    1. That`s right NC. It realy is the hackers that make the anti virus programs. Have you ever heard of Start Page for a search engine. type it in and check it out for their free edition it is worth while.

      1. Yep, Digs. It’s the hackers that make the programs. In order to fight a hacker, you have to be the hacker.

        Look at the Military Industrial Complex. They don’t hire sane people to build weapons of mass destruction. They hire INSANE people to build them.

        Like what they say in the movie, “Under Siege II: Dark Territory” (for lack of a better movie)

        “Admiral Bates: Why would you people hire a goddamn maniac-?

        Tom Breaker: [impatiently] Because, Admiral, sane people do not build weapons like this.”

    1. Yup #1 me too. Later this year I`m going with Kaspersky too. Too many bills this time of year ya know. Now I just use Kaspersky free virus scan and advast for security. and of course start page for a search engine.

Join the Conversation

Your email address will not be published. Required fields are marked *