Save content
Have you found this content useful? Use the button above to save it to your profile.
AIA

Anti virus software is 'doomed'

by
22nd May 2014
Save content
Have you found this content useful? Use the button above to save it to your profile.

Businesses need to reduce their reliance on anti-virus software, an IT analyst has said after an executive at one of the pioneering suppliers of security software said anti-virus products are “doomed to failure”.

Antivirus "is dead," Brian Dye, Symantec's senior vice president for information security told the Wall Street Journal earlier in May. "We don't think of antivirus as a moneymaker in any way."

Security suppliers are trying alternative tactics to protect computers, such as customers to place fake data inside their firewalls to distract hackers, the newspaper reported.

Fran Howarth, a security expert at Bloor Research, agreed. She told Accounting WEB that anti-virus software has been “dead and buried” for some time.

It still has a place in defending against known attacks through blacklisting and signatures, but that is no longer sufficient given the huge growth in targeted attacks that use "zero-day" threats and exploits to defeat such defences, she said.

Every organisation should assume that it has been breached, or certainly will be soon if it relying solely on such defences, Howarth said.

Organisations should focus on new types of IT security, such as “dynamic sandboxing” technology (which detects and block specific classes of malware) and file-based controls, which analyse the content of files, remove security threats and sent a “sanitised” file to users, she said.

Tags:

Replies (9)

Please login or register to join the discussion.

avatar
By carnmores
24th May 2014 16:13

tell us more
Before we renew our AV, we must be better off with than without

Thanks (0)
avatar
By carnmores
27th May 2014 12:51

@JC

not sure i have quite got my head around dynamic sandboxing yet !

Thanks (0)
Chris Caspell CTA TEP
By ccaspell
29th May 2014 12:16

Dynamic Sandboxing...

...do we get a bucket and spade with that?

Thanks (0)
avatar
By helenford
29th May 2014 12:36

my home laptop

Does this apply to my home laptop as well? I knwo my anti-virus has worked in the past, so is there anything I can replace it with?

Thanks (0)
avatar
By cirruspilot
29th May 2014 12:45

Antivirus Doomed

Is this Semantec just deciding that they cannot make money so therefore no one can ?

I think that if MIcrosoft could sort out their O/S you could make AV redundant, but that will not happen because Microsoft are losing the battle to retain the desktop and laptop O/S business

 

 

Thanks (0)
avatar
By jimeth
29th May 2014 13:16

Anti Virus is still useful

Anti Virus software is still clearly useful.  Some of the answers to this post have missed that bit.  It is just that AV software can no longer give full protection - so it is not enough on its own.  But I certainly wouldn't be without it - either at home or at work.  What we need to add over and above our current type of AV software is the real question here.

Thanks (0)
avatar
By dhwallace
29th May 2014 13:51

Thoughts from an IT guy
I'm an IT consultant who enjoys keeping up with the world of accountancy. Bizarre I know...

I'm not a security specialist but I would say it is wise to keep your AV software just in case. It's just one element of keeping the bad guys at bay. What is probably more Important though is keeping the firmware and software in your firewalls, switches and routers up to date, as well as being wary of any file from an external source. And I would consider not having any conifiential client information on a laptop unless you encrypt it. Connecting any laptop to an open, publick network is always a risk.

But the guy from Simantec is right - there is no silver bullet, just as there isn't for the physical security at your office.

Just my 2 cents.

Thanks (0)
avatar
By User deleted
29th May 2014 15:11

At a practical level ...

Where are users going to get this sort of app from and if any results interpretation is required do they have sufficient knowledge to understand what is going on?

Frankly this is probably a non-starter for most people - the business of isolating files and determining how they perform before allowing them into the live environment - is this really going to occur on most users pc's.

Even if it does, coders nare finding new ways around sandboxing every day - so whilst this may be a good concept is it really anything other than an abstract exercise for most users on their local pc?

https://www.virtualbox.org/

http://www.fireeye.com/resources/pdfs/fireeye-hot-knives-through-butter.pdf

'.. But attackers have evolved, too. Mindful that their code may execute in a sandbox before it reaches its target, malware authors are creating VM-aware code that hides any telltale behavior until it has reached “live” prey. Observing no suspicious actions in the sandbox, the security analysis deems the code harmless.

The key for malware authors is determining whether the code is running in a virtual environment or on a real target machine. To that end, malware authors have a developed a variety of techniques ..'
 

Thanks (0)