There was a time when things were simpler, a time we all look back at nostalgically: the days when all you needed to stay safe online was an antivirus and some common sense. But that ship has sailed, and with wider Internet access came an entire new set of challenges.
Internet Nowadays
The more affordable devices connected to The Web became, the more people adopted them enthusiastically. But not every aspect of a healthy online environment evolved at the same incredibly fast pace. While tech innovation made incredible strides, cyber security specialists worked hard to keep up. Hardware and software became increasingly fragmented, and cyber criminals got more and more shrewd. And this brief timeline brings us back to our current challenges.
There is a steep difference in the meteoric development of the Internet and all the devices connected to it and the time is takes for mentalities to change. This might help explain why most Internet users still see the antivirus like a panacea for all their online security needs. And there’s another cause for this: most Internet users become online literates by picking up information and forming habits through trial and error. There’s no such thing as “The Big Book on How to Use the Internet.” If there were, it should include a huge chapter on cyber security. But it doesn’t.
So this context creates a lot of problems for every Internet user who wants to surf the web in good faith: vulnerabilities arise, people get infected with ransomware or financial malware and don’t even know it, social engineering tricks that are decades old still create victims all around the world, etc. In spite of the evidence, the majority of users still uphold their belief that antivirus is everything you need for protection against cyber attacks.
Of course, we can’t expect for everyone to have time to read into this and suddenly understand what they have to do. Cyber security articles are often complicated and include a lot of technical details that only specialists understand. But you and me, and everyone with a mild passion for online safety can really help change how people act about their security on the Internet.
Traditional Antivirus Shows Its Limits
Let’s make it simple. This list is how you can explain why there’s a lot more to online security than installing a traditional antivirus product. Simple words, no fluff.
Why antivirus can’t protect users against sophisticated malware attacks:
- Because the new malware families were especially engineered to detect if users have antivirus installed;
- Because this type of malware is capable of remaining dormant on a PC and tricking antivirus detection techniques in order to remain undetected and carry on with its malicious purpose;
- Because there are hundreds of thousands of malware samples every day (230,000 to be exact), and antivirus companies can’t process them as fast as they’d have to in order to detect and block every type of malware out there;
- Because new and advanced malware can transform and change its behavior to trick antivirus products into believing it’s safe;
- Because there are plenty of vulnerabilities that cyber criminals can leverage to gain control of your PC, and most of these vulnerabilities yield administrator access to a system (which means that the attackers can pretty much do what it pleases once inside);
- Because many of these software vulnerabilities are unknown even to the software makers;
- Because cyber criminals have a lot of resources, they move fast and have the ability to maintain anonymity online.
Of course, the context is much more complex, but the key insights above sum up the core of the matter for anyone to understand.
At this point you may be asking yourself:
Then why should I continue to use antivirus, if it’s useless?
It’s not that simple. Bear with me.
The Shift From Reactive to Proactive Protection
Antivirus products are good at ensuring reactive protection, but it’s impossible to create a catch-all solution, because 100% cyber security is an unrealistic expectation to have. Simply put: cyber security is rather complex and there are two ways to look at it.
From a reactive perspective, antivirus is still necessary. You can’t replace it with anything and you can’t renounce it either. That would mean leaving your system exposed to a myriad of cyber threats that you can’t contain, no matter how knowledgeable you are. So, by all means, don’t uninstall your AV solution and make sure you actually invest in a reliable one. No, free antivirus won’t shield you as you hope, but, if you can’t afford a paid solution, a free one will offer at least a very basic level of protection.
When it comes to proactive protection, people often disregard a huge number of actually helpful solutions. What’s more, most of them are actually free! We’re talking here about:
- Keeping your operating system and software up to date (which can block up to 85% of targeted threats and 65% of threats targeting your software);
- Keeping a backup of your data and updating it frequently;
- Using encryption tools to protect your data from harm;
- Using a password management program to generate and use better, stronger passwords (and never ever reuse them);
- Employing a traffic scanning solution that can weed out threats before they reach your system;
Conclusion
It’s crucial to think of cyber security as a multi-layered process, because security solutions complement each other and cover different aspects of your online security. That’s why cyber security education is crucial, not just in terms of forming specialists that can create new solutions to our problems, but also in terms of educating the mass of Internet users that are not aware of the dangers lurking in the shadows.
We need to move beyond the „all I need is antivirus” misconception and discover what we can do to prevent cyber attacks and block the holes that give attackers a way into our devices, our data, our memories and work in the end. And we have the information we need at hand. All we need is to use it.
Editor’s Note:
From time to time, SensorsTechForum features guest articles by cyber security and infosec leaders and enthusiasts such as this post. The opinions expressed in these guest posts, however, are entirely those of the contributing author, and may not reflect those of SensorsTechForum.