Why Antivirus Doesn’t Work and What to do About it

In a previous article, I talked about how cyber crime is continuing to get more sophisticated, and how the offenders are getting away with larger amounts.

In this article, we’ll look at AntiVirus software, why it’s not always effective, and what can be done to overcome this ineffectiveness.

Antivirus software is designed to prevent, detect and remove malicious software.

The obvious solution to removing malware and viruses is to have an updated version of AntiVirus to catch and remove them.

AntiVirus works well for existing and known malware and viruses. But it is not so effective against new viruses, also known as “Zero Day” viruses.

Depending on your antivirus product, it can be from 0% to 65% effective against them. So, even if you have the best antivirus on the market, 35% of the Zero Day malware will go undetected.

To take a random example from this week, we were called to repair a WordPress website that had been hacked.

Here we found most of the files had been altered to have a piece of malware quietly infect computers visiting the site. As shown below, only 8 out of 55 AntiVirus systems recognized this as malware.

The missing offenders included some of the biggest names like Trend Micro and McAfee.

If AntiVirus is ineffective, then what can one do?

Fortunately, there are many tools on the market to combat these kinds of threats.

Unfortunately, they tend to be lesser known and often expensive solutions.

Let’s start with finding malware.

Since most AV systems work by trying to identify bad files or processes, detection needs to be rethought to be effective.  One way to do this is to analyze processes in memory and identify ALL of them instead of just some.

Identifying a process in memory means that the file is actively running and using memory, and therefore it presents a danger. An idle file cannot cause harm.

Secondly, one cannot find a malicious process on its own. Trying to find a malicious process is like trying to find a needle in a haystack without knowing what a needle looks like.

This is why AntiVirus companies have such a hard time catching everything.

Every single process must be identified as:

  • Good (previously seen and known)
  • Bad (previously seen and known to be bad)
  • Unknown (not previously seen and needs to be forensically investigated).
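
The three-way classification above can be sketched as follows. This is an added example, not code from this article or from any product it mentions. It assumes that "previously seen" is decided by the SHA-256 hash of each running executable image, and the process snapshot, names and hash lists are constructed for illustration.

```python
import hashlib
from collections import defaultdict

def sha256(data: bytes) -> str:
    """Hash an executable image; the hash, not the name, is the identity."""
    return hashlib.sha256(data).hexdigest()

# Constructed byte strings standing in for executable file contents.
IMG_SHELL = b"constructed: system shell build 1"
IMG_BROWSER = b"constructed: browser build 7"
IMG_DROPPER = b"constructed: dropper seen in an earlier incident"
IMG_FAKE_SHELL = b"constructed: unseen binary using a trusted name"

# Assumed reference sets: hashes previously seen and judged good or bad.
KNOWN_GOOD = {sha256(IMG_SHELL), sha256(IMG_BROWSER)}
KNOWN_BAD = {sha256(IMG_DROPPER)}

# Constructed snapshot of running processes: (pid, name, image bytes).
SNAPSHOT = [
    (101, "sh", IMG_SHELL),
    (202, "browser", IMG_BROWSER),
    (303, "updater", IMG_DROPPER),
    (404, "sh", IMG_FAKE_SHELL),  # trusted name, never-seen contents
]

def classify(image_hash, known_good=KNOWN_GOOD, known_bad=KNOWN_BAD):
    """Return 'bad', 'good' or 'unknown'; a bad match always wins."""
    if image_hash in known_bad:
        return "bad"
    if image_hash in known_good:
        return "good"
    return "unknown"

def triage(snapshot):
    """Classify EVERY running process, so nothing is silently skipped."""
    buckets = defaultdict(list)
    for pid, name, image in snapshot:
        digest = sha256(image)
        buckets[classify(digest)].append((pid, name, digest))
    return dict(buckets)

if __name__ == "__main__":
    for verdict, procs in triage(SNAPSHOT).items():
        for pid, name, digest in procs:
            print(f"{verdict:8} pid={pid} name={name} sha256={digest[:16]}...")
```

Process 404 shares a name with a known-good program but lands in the unknown bucket because its contents have never been seen, which is the queue that goes to forensic investigation.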

One such AntiVirus company that takes this approach is Cyfir. Through this approach, they were able to detect a breach at the Office of Personnel Management in the US Government that was previously undetected by multi-layered security systems.

With a solution like this in place, you can rest assured systems and data will be much safer.

With that said, not all attacks involve malware. Stay tuned for how to thwart further would-be attackers beyond using the traditional firewall systems and password security.

If your systems are only protected by AntiVirus, and there is concern about unknown processes running, perhaps it’s time to look into the next level, such as JIG’s managed IT services, to secure your most important data systems?
