Anti virus software is 'doomed'

Businesses need to reduce their reliance on anti-virus software, an IT analyst has said after an executive at one of the pioneering suppliers of security software said anti-virus products are “doomed to failure”.

Antivirus "is dead," Brian Dye, Symantec's senior vice president for information security told the Wall Street Journal earlier in May. "We don't think of antivirus as a moneymaker in any way."

Security suppliers are trying alternative tactics to protect computers, such as customers to place fake data inside their firewalls to distract hackers, the newspaper reported.

Fran Howarth, a security expert at Bloor Research, agreed. She told Accounting WEB that anti-virus software has been “dead and buried” for some time.

It still has a place in defending against known attacks through blacklisting and signatures, but that is no longer sufficient...

Continued...

» Register now

The full article is available to registered AccountingWEB members only. To read the rest of this article you’ll need to login or register.

Registration is FREE and allows you to view all content, ask questions, comment and much more.

Comments
carnmores's picture

tell us more    1 thanks

carnmores | | Permalink

Before we renew our AV, we must be better off with than without

See ...    2 thanks

JC | | Permalink
carnmores's picture

@JC

carnmores | | Permalink

not sure i have quite got my head around dynamic sandboxing yet !

ccaspell's picture

Dynamic Sandboxing...

ccaspell | | Permalink

...do we get a bucket and spade with that?

my home laptop

helenford | | Permalink

Does this apply to my home laptop as well? I knwo my anti-virus has worked in the past, so is there anything I can replace it with?

Antivirus Doomed

cirruspilot | | Permalink

Is this Semantec just deciding that they cannot make money so therefore no one can ?

I think that if MIcrosoft could sort out their O/S you could make AV redundant, but that will not happen because Microsoft are losing the battle to retain the desktop and laptop O/S business

 

 

jimeth's picture

Anti Virus is still useful

jimeth | | Permalink

Anti Virus software is still clearly useful.  Some of the answers to this post have missed that bit.  It is just that AV software can no longer give full protection - so it is not enough on its own.  But I certainly wouldn't be without it - either at home or at work.  What we need to add over and above our current type of AV software is the real question here.

Thoughts from an IT guy

dhwallace | | Permalink

I'm an IT consultant who enjoys keeping up with the world of accountancy. Bizarre I know...

I'm not a security specialist but I would say it is wise to keep your AV software just in case. It's just one element of keeping the bad guys at bay. What is probably more Important though is keeping the firmware and software in your firewalls, switches and routers up to date, as well as being wary of any file from an external source. And I would consider not having any conifiential client information on a laptop unless you encrypt it. Connecting any laptop to an open, publick network is always a risk.

But the guy from Simantec is right - there is no silver bullet, just as there isn't for the physical security at your office.

Just my 2 cents.

At a practical level ...

JC | | Permalink

Where are users going to get this sort of app from and if any results interpretation is required do they have sufficient knowledge to understand what is going on?

Frankly this is probably a non-starter for most people - the business of isolating files and determining how they perform before allowing them into the live environment - is this really going to occur on most users pc's.

Even if it does, coders nare finding new ways around sandboxing every day - so whilst this may be a good concept is it really anything other than an abstract exercise for most users on their local pc?

https://www.virtualbox.org/

http://www.fireeye.com/resources/pdfs/fireeye-hot-knives-through-butter.pdf

'.. But attackers have evolved, too. Mindful that their code may execute in a sandbox before it reaches its target, malware authors are creating VM-aware code that hides any telltale behavior until it has reached “live” prey. Observing no suspicious actions in the sandbox, the security analysis deems the code harmless.

The key for malware authors is determining whether the code is running in a virtual environment or on a real target machine. To that end, malware authors have a developed a variety of techniques ..'