Malware threats making anti-virus software 'totally useless' - Action News
Home WebMail Saturday, November 23, 2024, 06:18 AM | Calgary | -12.2°C | Regions Advertise Login | Our platform is in maintenance mode. Some URLs may not be available. |
Science

Malware threats making anti-virus software 'totally useless'

Some computer consultants say the global malware threat has gotten so bad that conventional security measures, such as anti-virus software, are no longer adequate to fight them.

Nearly 100 per cent of computer attacks are criminal in nature, say experts

A number of cybersecurity experts say that the global malware threat has become so large that traditional protections, such as anti-virus software, are no longer sufficient.

Some computer consultants say the global malware threat has gotten so bad that conventional security measures, such as anti-virus software, are no longer adequate to fight them.

Anti-virus programs are totally useless, says Mohammad Mannan, an assistant professor at the Concordia Institute for Information Systems Engineering in Montreal.

If you use them, you might even be vulnerable [to malware] to some extent, he says.

A recent Visa survey showing that 92 per cent of respondents under the age of 35 had been the target of phishing scams demonstrates the tenacity of the hackers who are trying to seize personal financial information.

Anti-virus software works on the principle of identifying malevolent files and infected sites.But because of the sheer volume of malwareonline nowadays, rather than blacklisting bad sites we should be whitelisting the good ones, says Stu Sjouwerman, founder and CEO of U.S.-based computer security consultancy KnowBe4.com.

The amount of malicious software better known as malware circulating on the web has grown significantly in the past decade.

According to figures from virus detection sites, in 2002 there were an estimated 17 million known good executable files from various existing applications on the commercial internet, while antivirus engines detected two million nefarious ones.

By 2012, there were 40 million knowngood files and 80 million bad ones.

Malwarethreat growing

The main driver of this shift is cybercrime, says Fabrice Jaubert, a software developer who works with Googles malware detection team in Montreal.

In the past,malwarewas often the work of malicious individuals or pranksters looking for recognition of their coding prowess. But according to Jaubert, computer attacks nowadays are perpetrated almost entirely by organized crime.

Its 100 per cent criminal or 99.99999 per cent, says Jaubert. The end goal here is money big money.

Criminal hackers look for ways to install malware on your computer for the purpose of stealing your passwords, credit card numbers and banking information which they can sell to other criminals or commandeering your computer to distribute illicit material such as porn.

Cybercrime is estimated to be a $3 billion US industry, and its perpetrators are largely based in eastern European countries such as Romania, Russia and Ukraine, says Sjouwerman, author of Cyberheist: The Biggest Financial Threat Facing American Businesses Since the Meltdown of 2008.

One of the reasons malware is such a widespread problem is that it has become harder for consumers to detect, says Tony Anscombe, senior security evangelist for anti-virus firm AVG.

Malware viruses used to be disruptive if you got one, you knew you had it. Now, theyre deceptive and hide in the background, Anscombe says.

There are a number of ways hackers can get into your computer, but nowadays, a lot of it is accomplished by social engineering. For example, you may get an email or even a phone call that appears to be from abank or a tech support representative askingyou to openan email attachment or to clickthrough to an infected website.

The problem with anti-virus software

In the face of this ever-present threat, computer security firms have made billions of dollars selling anti-virus software to consumers.

The major problem, says Concordias Mannan, is that anti-virus software is by nature reactive, which means that it responds to specific malware after it has been distributed. Should a malware writer change a few lines of code, however, that anti-virus solution suddenly becomes obsolete.

Its the sheer number of malware variations that makes it impossible for anti-virus software to effectively combat the problem, says Mannan. To illustrate this, he points to the Storm botnet of 2007, a sophisticated piece of malware that affected millions of computers worldwide and generated 8,000 variations of itself every day.

How many updates or variants are you going to catch, if youre an anti-virus company? Mannan asks.

But while anti-virus software isnt foolproof, its a long way from useless, says Brian Bourne, co-founder of Toronto's annual SecTorcybersecurity conference.

He likens anti-virus software to locking the doors of your car.

It doesnt stop someone who'smotivated from stealing your car, but it does force them to put a little bit of effort in and it does mean youre not quite as easy [a target] as the unlocked car beside you, he says.

Googles Jaubert says that in recent years, some hackers have even taken to posing online as anti-virus companies with legitimate-looking websites, finding victims by ironically playing on their fear of malware. They offer "virus scans" that are actually malware.

Is whitelisting the answer?

Given these overwhelming threats, Sjouwerman believes whitelisting is vital to keepweb surfers safe.

The principle is similar to verified accounts on Twitter, which was a response to the proliferation of bogus accounts (usually ones pretending to belong to celebrities). Rather than identifying all the fake accounts, Twitters verification process simply certifies the legitimate one.

Whitelisting has been around for more than a decade, says Mannan, but only a few companies offer it right now.

The way it works is that anytime you surf the web, the whitelist prompt appears in your browser. If you go to a website that has been penetrated by hackers, the browser pops up a stern warning telling you not to proceed to the site.

Googles Chrome browser has this to a degree, but thats all based on blacklists, says Sjouwerman.

Whitelisting would keep a list of good sites on your workstation and in the cloud, which is a sanity check for the list on your computer.

Sjouwerman is convinced its the only way to deal with the growing malware threat.

We need to do a 180, and we need to stop keeping the bad guys out, because you cant keep up, says Sjouwerman.

Thats why Im on an evangelizing rampage to tell people we need to go to whitelisting.