By Bob Hand
rifkiedr / Pixabay
“I don’t use AV (antivirus software), I think it’s dead and based on an ancient tech that is no longer relevant. Hacker kits come out ten times faster. AV is a meaningless system.”
– John McAfee, former CEO of McAfee (creators of McAfee Antivirus)
“Antivirus is dead.”
– Brian Dye, senior vice president of Symantec (creators of Norton Antivirus)
Throughout the last decade, we have come to evaluate antivirus software differently. Judging from the words of leaders in the industry, there seems to be little point in buying or installing their products anymore. What is the cause for the shift in perception about antivirus software? Fundamentally, the way that we interact with the internet has changed.
Over three billion people around the world have internet access, and that number is constantly growing. In addition to more users, more unsecured “smart” devices are being sold every day. For those with malicious intent, this means a greater number of vulnerabilities to exploit. Incidences of identity theft have increased to alarming levels as vulnerabilities increase.
Given these daunting statistics, cautious consumers have continued to buy antivirus software. How does it protect consumers? For less advanced users, antivirus software can perform some helpful basic actions. It can remove infected files. It blocks keyloggers, malware, and remote access trojans. Some experts are still advising an antivirus check once a week. But the software cannot protect you completely; caution is still required.
Can antivirus software protect you against identity theft? Not entirely. Many devices cannot be protected, and sometimes the way that malicious parties target us has nothing to do with technological vulnerabilities.
Security and the Internet of Things
Once merely used as a buzzword, the “Internet of Things” is becoming more of a reality in recent years. A greater number and variety of devices are connecting to the internet. If you want an idea of how this poses a security risk, a recent episode of Mr. Robot demonstrated how a smart home can be manipulated by hackers.
Most “smart tech” has little in the way of security, and they cannot be patched for security issues. Such devices are built to automatically send and receive information, without regard to determining who can send or receive it. The most you can do is change your network password and invest in identity theft protection.
jeferrb / Pixabay
The Mind Games of Social Engineering
Some exploits used by hackers prey on human fallibility, using social engineering to access accounts.
“Social engineering” refers to the act of manipulating people to bypass security. The act of defrauding an account by posing as the account holder or a legitimate third-party is known as “phishing”. Here is an example of how a hacker can phish for someone’s online accounts using only a phone:
The hacker calls the customer support of the cell phone company of their target in order to gain access to their mobile number. To gain access, the hacker will imitate the target. Information about an individual’s physical characteristics, habits, and interests can lend authenticity to such an attempt, so the hacker collects information about the target from social media.
Spoofing the target’s phone number, the hacker then calls the cell phone company. If they are able to convince the customer service rep, they will have access to the target’s email address and account password. With this information, they can access and change the password to other accounts linked to this email address. Practicality all of the target’s online accounts and financial information can be accessed with one phone call.
Internet celebrities are especially susceptible to this tactic. On Youtube, owners of high-profile channels like Boogie2988 and H3H3 have been attacked by hackers using this method.
Holding Your Data for Ransom
Another problem that afflicts many users is malware. Be wary when downloading and installing software. Ransomware is a type of malware that can lock your computer or encrypt information on your hard drive. It will then essentially hold your computer for ransom, until you enter payment information. Antivirus software cannot stop ransomware once it is installed.
The best way to prevent malicious software from ruining your device is by never installing it in the first place. For example, downloading the wrong version of Pokemon Go on an Android device can leave your device and personal information compromised; one version allows hackers to record audio from your calls, modify contacts, and read your web history. Only download software from sites that are trustworthy.
Antivirus software, no matter how comprehensive it claims to be, cannot protect you completely. In fact, there is likely no impenetrable defense against the ever-shifting tactics used by hackers. Antivirus is not “dead” per se, but it alone is not sufficient protection. Until antivirus technologies match the rapid pace of technological innovation that brings a constant stream of new vulnerabilities, the safest course of action is to be aware of where these vulnerabilities are.