Why an antivirus is not enough

01 Apr, 2021
John Tunay
Technical Product Marketing Manager
In a world where cyberattacks are growing, traditional anti-virus solutions are simply not enough. As confidence in detection-based protection declines, and after-the-fact remediation for a single threat becomes increasingly costly, forward-thinking companies are leaning towards more preventive anti-malware solutions.

This is supported by a recent study by the Ponemon Institute on the state of endpoint security risk, which found that only 27% of respondents thought that traditional anti-virus solutions were sufficient for new and unknown threats.

The reality is, with our increased reliance on being connected to the web, combined with the rapid expansion of malware, it’s becoming harder and harder to prevent our devices from getting infected. That means, if you’re relying on anti-virus software alone to secure your PC and personal information, you don’t have enough protection against the growing number of threats.

Here are three reasons why anti-virus protection isn’t enough:

1. There are too many threats to defend against.

It’s true, typical anti-virus software (also referred to as anti-malware software) is effective against the majority of known threats. But there are also unknown threats to worry about.

The AV-Test Institute detects at least 350k new malware variants daily, which accounts for approximately 77.7% of all new threats; the remainder, they say, is known malware. With such a high percentage of unknown malware variants daily, it’s simply unrealistic for an anti-virus to be able to protect devices from them all.

Here's why:
First, anti-malware engineers need to figure out how a particular virus works before they can instruct their software how to detect and eliminate an identified attack. This could take anywhere between an hour and a month. That means a new virus will usually be able to infect a number of organizations before security vendors have tailored their anti-virus protection to stop it.

Malware and virus authors are aware of this. The reason they regularly write and release new threats is that they know every virus has a limited lifespan before getting caught. Early on, anti-virus vendors managed to keep up with the development of new cybersecurity threats, but over the past few years the explosion of new malware has made this virtually impossible.

2. Many successful attacks remain hidden from sight.

The number of threats for mobile devices, social media, and cloud services is increasing, with social media in particular becoming a US$3.25 billion per year revenue stream for cybercriminals. Cybercriminals not only collect revenue from social media malware, they also take advantage of users in other ways that are not apparent at first glance.

A study by Bromium found that 4 out of the 5 websites that host ‘crypto mining’ tools are social media sites. Cybercriminals use tactics like malicious applications, ads, plugins and links on these sites to trick users into unknowingly downloading the crypto mining software on their device.

Other kinds of attacks that can remain invisible to users include spamming from social media profiles and access to personal cloud services. Spamming attacks spread spam and malicious website links to your contacts, who may or may not inform you that you have been hacked. As people and businesses start to use cloud computing as an essential tool, the number of data-stealing malware attacks is also on the rise. Many people don’t realise that traditional anti-virus solutions cannot protect your data on cloud services, so you are left to rely on the cloud providers to safeguard your data.

3. You can be attacked without actually doing anything.

In the past, you could stay relatively safe by avoiding suspicious links and malicious websites. People have also stayed safe by making sure to scan files from the web before opening them. Unfortunately, this approach is ancient history thanks to web-based malicious scripts and drive-by downloads.

Yes, something as seemingly harmless as a web page can be a way for malware to get into your system simply by your visiting it. These typically come from clicking malicious ads, otherwise known as malvertising attacks, that land you on a page that could download a file or execute a web script that compromises your system. Malvertising attacks come in a wide variety, can use legitimate but compromised websites, and may use misleading prompts to trick you into agreeing, or may simply execute without your knowledge.

These ‘drive-by downloads’ are hazardous as PCs get infected just by visiting a good website at the wrong moment. Malware authors get away with this by exploiting online advertising networks and inserting their malicious ads in between legitimate ones. While ad networks are trying to crack down on these practices, the scary truth is it’s simply impossible for them to prevent them without sacrificing their own revenue.

This is where SecureAge technology offers some better alternatives:

Firstly, while it goes without saying, keeping your system up-to-date reduces the risk of attacks and minimizes the possible damage. Windows has evolved enough to make OS updates as non-intrusive as possible, but cybercriminals tend to exploit other applications that you may have on your system. It’s critical that you have a convenient way to know which applications are vulnerable, and that you update them as soon as updates are available. Look out for vulnerability assessment features to make sure that none of your applications can be used as a gateway to compromise your system.

With that base covered, there are three modern-day approaches we recommend:

1. Sandboxing or software virtualisation solutions

Have you ever wondered how you could safely run applications you don’t trust without putting your system in jeopardy? Sandbox applications do just that – they create a virtualised environment that, for all intents and purposes, runs like your actual device in a contained environment.

This approach essentially isolates potentially dangerous files. The classification of the danger, however, varies from vendor to vendor. The important part is that if a file happens to be a threat, then the extent of the damage will be limited to the virtualised environment - the so-called sandbox. Some of the more popular vendors are Sandboxie Plus and Cuckoo Sandbox.

2. Internet security solutions

Internet security is a broad term for a feature that is optional in modern anti-virus suites and usually comes at an extra cost. How internet security is implemented also varies from vendor to vendor.

A common trend, however, is that internet security is designed to monitor browser activity to prevent the browser from being exploited by malicious sites and ads. This can be part of your anti-virus suite, a standalone custom secure browser, or a plugin for your favorite browser. Some of the more popular vendors are Avira Browser Safety and Avast Online Security.

3. Intuitive application control

Last but certainly not least is application control, which ups the ante on traditional anti-virus solutions. Instead of focusing on who the threats are, of which there are plenty, our application control, SecureAPlus, considers what you should, and shouldn’t, trust.

By creating and maintaining a list of applications or files that you trust to run, and preventing everything else from running behind your back, an application control can guard you against any potential threat including fresh malware – it’s precisely because it’s fresh that it won’t be allowed to run.
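The contrast between detection and application control, as an added example (not SecureAPlus code and not from the original article): a known-bad hash list lets a repacked variant run, while a default-deny allowlist blocks it, and also blocks a legitimate update until it is approved. Exact SHA-256 matching stands in for real anti-virus signatures, and all byte strings and class names are constructed for illustration.

```python
import hashlib

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed byte strings standing in for file contents (not real binaries).
TRUSTED_APP = b"constructed-editor build 1.0"
TRUSTED_APP_UPDATE = b"constructed-editor build 1.1"
KNOWN_MALWARE = b"constructed-dropper sample"
FRESH_VARIANT = KNOWN_MALWARE + b"\x00"  # repacked: one extra byte, new hash

class SignatureDenylist:
    """Detection model: everything runs unless its hash is known bad."""
    def __init__(self, known_bad):
        self.known_bad = {sha256(b) for b in known_bad}

    def may_run(self, data: bytes) -> bool:
        return sha256(data) not in self.known_bad

class Allowlist:
    """Application-control model: nothing runs unless its hash was approved."""
    def __init__(self, trusted):
        self.trusted = {sha256(b) for b in trusted}

    def approve(self, data: bytes) -> None:
        self.trusted.add(sha256(data))

    def may_run(self, data: bytes) -> bool:
        return sha256(data) in self.trusted

SAMPLES = {
    "trusted_app": TRUSTED_APP,
    "known_malware": KNOWN_MALWARE,
    "fresh_variant": FRESH_VARIANT,
    "trusted_app_update": TRUSTED_APP_UPDATE,
}

def compare(denylist, allowlist, samples=SAMPLES):
    """Return {name: (denylist_allows, allowlist_allows)} for each sample."""
    return {name: (denylist.may_run(data), allowlist.may_run(data))
            for name, data in samples.items()}

if __name__ == "__main__":
    deny = SignatureDenylist([KNOWN_MALWARE])
    allow = Allowlist([TRUSTED_APP])
    for name, verdicts in compare(deny, allow).items():
        print(f"{name:20} denylist_allows={verdicts[0]} allowlist_allows={verdicts[1]}")
    allow.approve(TRUSTED_APP_UPDATE)  # the list must be maintained as software changes
    print("update after approval:", allow.may_run(TRUSTED_APP_UPDATE))
```

The `trusted_app_update` row shows the operational cost of default-deny: every legitimate change needs an approval path, which is why the list has to be maintained rather than created once.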

The bottom line

When done right, application control is enough on its own to protect your device against known and, especially, unknown threats, 100% of the time. That’s because the SecureAge approach combines application control with an AI-powered tool that detects malware across multiple anti-virus engines - most likely including the one you’re using today. This allows you to build on what you’re comfortable with while ensuring you’re covered by the modern-day tools.

It’s important to make sure that your PC security solutions can work with each other, much like how SecureAPlus works with any security solution in the market. To find out more about SecureAPlus, click here.
