Friday, January 2, 2015

If Antivirus Is Dead, How Do I Know If I've Been Hacked?

Antivirus “is dead”, declared Brian Dye, senior vice-president of information security at Symantec. Industry experts agree that antivirus protection is only 45% effective in detecting malware. If you have been relying on antivirus protection as your only approach to protecting your computer from intruders, then you might sleep less comfortably at night.
So, if you go to a website, open an email attachment, or download a file where there is malware present, there is a 55% chance your computer will become infected without you knowing about it. If you can’t rely on antivirus protection to detect an infection, how will you know if you’ve been hacked?
Chances are you won’t know you’ve been hacked. Most people assume that their computer will crash or will suddenly experience performance issues. That assumption is a myth. Cyber criminals will NOT crash your computer. That would defeat their purpose. Their aim is to infiltrate your computer to pilfer data. After they’re done, they will use your computer to cover their tracks so that their attacks on other computers will appear to originate from your computer. They may also add your computer to their network of infected computers. That network is referred to as a “botnet” and your computer is referred to as a “zombie”. With a network of hundreds of thousands and even millions of computers, hackers have the power to launch attacks on networks and websites that can render them inoperable. There is absolutely ZERO benefit to the cyber criminal in crashing your computer.
If you think that being careful about which email attachments you open and which websites you visit will protect you, think again. Most people use Facebook and other social media sites. According to industry experts, the use of social media to spread malware has become ubiquitous. Cyber criminals have enjoyed a 70% success rate with malware spread through social media.
What can you do besides throwing your arms in the air in frustration and yelling “Why little ol’ me!”, or resigning yourself to constant surveillance and saying to yourself “I have nothing to hide” in order to feel less uncomfortable? Obviously, a new approach to securing your computer is sorely needed. There are solutions that I will cover in future blogs. So, stay tuned.

Symantec Exec Declares Antivirus is Dead

Antivirus detects only 45% of all attacks, which renders the widely used protection ineffective, according to industry experts. Brian Dye, senior vice-president for information security at Symantec, has declared antivirus “dead”. This comes from a company that has been a leading innovator of antivirus products since the 1980s.
Cyber criminals and hackers have simply outsmarted the developers at antivirus companies. At first, the industry approach was to detect and then protect. That method worked when the amount of malware and viruses being produced was relatively low. Once the amount of malware created per year reached the level of millions of variants, the “detect and protect” approach became impractical. At that time, a quasi-artificial intelligence called “heuristic detection” was developed. Heuristics worked for the 1990s and early 2000s. But the bad guys found a way to bypass heuristic detection. Hackers now use a method called “crypting” that renders malware undetectable to antivirus software and malware tools.
Brian Krebs, a computer security reporter, describes this “crypting” method: “Put simply, a crypting service takes the bad guy’s piece of malware and scans it against all of the available antivirus tools on the market today – to see how many of them detect the code as malicious. The service then runs some custom encryption routines to obfuscate the malware so that it hardly resembles the piece of code that was detected as bad by most of the tools out there. And, it repeats this scanning and crypting process in an iterative fashion until the malware is found to be completely undetectable by all of the antivirus tools on the market.”
The cyber criminals and hackers call this kind of malware “fully undetectable”, or “FUD” for short. This is the reason antivirus is now only 45% effective. So, if you have been depending on antivirus as your sole means of protecting your computers, you are in for a rude awakening. And, if you have felt safe because your computer hasn’t crashed, you are in for an even bigger rude awakening. Professional cyber criminals and hackers will NOT crash your computer. That would defeat their purpose of pilfering your data and using your computer to cover their tracks when attacking other computers. There is absolutely NO benefit to the cyber criminal in crashing your computer. They may encrypt your data and blackmail you into paying a ransom to get your data back, but they won't crash your computer.
In future blogs I will discuss alternatives to antivirus protection that are more effective. Stay tuned.