You Can’t Depend on Anti-Virus To Stay Secure. Here’s Why

As technology continues to change, the number of ways your company can be targeted in a malware attack grows. At Five Nines, we put a major emphasis on educating our clients about what potential attacks could do to their operational systems, while also preparing their network to fight these attacks and keep systems secure as the designated IT services provider. While we do install anti-virus software for our clients, it’s only one tool in our belt, given that additional layers of security are needed now that hackers are more sophisticated. Before we get into why you can’t solely depend on anti-virus to stay secure, let’s define terms that are crucial to understand when we’re talking about anti-virus software and security. 

Malware is a broad term that really defines any malicious code or program that gives an attacker explicit control over your system. It may refer to all types of malicious programs including viruses, bugs, bots, spyware, etc. and even ransomware.

Anti-virus - Anti-virus software, also known as anti-malware, is a computer program used to prevent, detect, and remove malware.  It’s the most commonly used weapon against malware.

Layered Security -- Layered security, also known as layered defense, describes the practice of combining multiple security controls to protect assets, such as resources and data. 

Now that we have some context, let’s talk about why anti-viruses can’t keep up with the increasing number of malware attacks. While there’s been thousands of cyber-attacks, one that really called attention to this growing issue of anti-virus protection happened in 2013. Over the course of three months, attackers installed 45 pieces of custom malware and stole crucial information from The New York Times. The Times — which uses anti-virus products made by Symantec — “found only one instance in which Symantec identified an attacker’s software as malicious and quarantined it.” The IT services team just didn’t catch it.

To get rid of the hackers, The Times, “blocked the compromised outside computers, removed every back door into its network, changed every employee password and wrapped additional security around its systems.” Ultimately, this is just one example of how hackers can create software that surpasses anti-virus software. They’re now able to design a piece of malware, run it on a computer with that anti-virus product to see if it will be detected, and if it is, then they can modify the code until the anti-virus software no longer detects it. What this means is that unless a traditional anti-virus software has seen a particular threat in the past, it won’t necessarily protect your computer. There are other new products that are able to ward off some of these new threats. For example, Cylance Inc. develops anti-virus programs with Artificial Intelligence to prevent, rather than re-actively detect, viruses and malware, this is also referred to as “Next Generation Protection”. So, what else can you do to stay secure?

1. Keep Your Systems and Software Up-To-Date: One of the most common ways hackers launch attacks? Exploiting vulnerabilities in operating systems and software that are out of date. Simply put, when technology reaches its End of Life or End of Support date, patches, bug fixes, and security upgrades automatically stop, putting your technology at risk for an attack. Educating your team about when and how to update software and systems can keep you safe. Our IT services team works to monitor when these End of Life/End of Support dates as well.
   
   
2. Firewall installation: You will want a business firewall to keep your company data protected.  You can implement a firewall in either hardware or software form, or a combination of both. Your IT managed services provider can help you set this up and monitor it for success on an ongoing basis.  There are next-generation firewalls as well. Unified threat management (UTM) provides multiple security features and services in a single device or service on the network. UTM includes a number of network protections, including intrusion detection/prevention (IDS/IPS), gateway antivirus (AV), gateway anti-spam, VPN, content filtering, and data loss prevention, just to name a few.
   
   
3. Encrypting Information: If a hacker can infiltrate your system, encrypting your files can make the information useless if it is stolen. Encryption is the most effective way to achieve data security because it turns your crucial information into code. To read an encrypted file, someone would need access to a secret key or password that enables them to decrypt it. BitLocker, Microsoft’s easy-to-use, proprietary encryption program for Windows can encrypt your entire drive, as well as protect against unauthorized changes to your system such as firmware-level malware. 
   
   
4. Password Management: We’ve talked about this before, and we encourage you to create a password protocol for your company. Changing passwords often and ensuring the passwords are difficult to guess are two ways to protect yourself. You can read more about our password tips here.
   
   
5. Image-Based Backups:  It’s important to be in a position to recover your environment with backups if you encounter a breach. At Five Nines, we use image-based backups to keep your business running. Image-based backups are just what the name states: an image of your entire operating system, rather than individual files on your PC. 

The purpose of multi-layered security is to stop cyber attacks on different levels, so they never reach the heart of your system and affect essential information. While it’s crucial to use anti-virus software, it cannot be your only line of defense.