Earlier this week, Symantec has shaken up the internet security world by stating that "antivirus software is dead." According to a Symantec senior vice president, anti-virus software catches just 45 per cent of malware, enabling an ever-increasing range of PC cyber-attacks to go unnoticed.
A lot of the discussions around this statement have been very technical, but at a basic level, what does this mean for your PC, laptop or mobile device? Is there any point in installing anti-virus software anymore? And are you less safe than you thought you were last week?
In fact, traditional, signature-based anti-virus as the sole method of protection has been dead for many years. The truth is that the term 'anti-virus' is outdated. For one thing, what protects most people's computers these days is anti-malware software. For another, anti-malware products make use of a wide array of technologies to protect computers - over-and-above the use of signatures. The number of new malware samples created has grown dramatically in recent years; Kaspersky Lab currently analyses over 315,000 new malware samples every day and there's a growing trend of cybercriminals being used as proxies for ordinary criminal groups of all kinds. Under these circumstances, giving up the idea of protecting endpoints, including mobile devices, is simply not an option as it would just leave millions of people at the mercy of these groups. But traditional anti-virus software has long since been replaced by much more sophisticated technologies which, in combination, deliver comprehensive protection to consumers and businesses. These technologies include heuristics, sandboxing, proactive behaviour detection, cloud-enabled threat intelligence, application control (sometimes referred to as whitelisting), automatic exploit prevention, secure banking and more.
So the death of anti-virus software doesn't mean that security firms are not providing the required protection and it doesn't mean your computer is at increased risk from malware. What it does mean is that to keep up with increasingly sophisticated online threats, security software must continue to evolve to meet the new challenges posed by new technologies and the ways in which cybercriminals try to subvert them for their own ends.
Remember, though, that security is as much about what you do as it is about technology; and you should 'think security' when doing anything online. In that spirit, it's worth reiterating our top tips for staying safe online:
- Apply security updates to your operating system and applications as soon as they are released - don't put it off!
- Protect all your devices with security software
- Don't click on attachments or links in unsolicited messages - it's always better to type a URL directly into your browser, to avoid the risk of being taken to a phishing site
- Avoid over-sharing online, since personal information made public makes the job of identity thieves easier - if you wouldn't publish something on the front page of a national newspaper, don't post it online!
- Use a unique, complex (include letters, numbers and special characters) and long password (at least eight characters, ideally 15) password for each online account
- Don't use untrusted public wi-fi networks to transact confidential business (e.g online banking)
- And for your smartphone or tablet specifically:
- Don't 'jailbreak' or 'root' your device
- Don't install apps from untrusted sources
- Set a PIN or ideally a longer passcode