Posted on by Net Primates

We’re always told that we need active AntiVirus (AV) software, but is it enough to deal with today’s cyber threats? Rupert recently released a video detailing how AV works, and how to protect your business IT, and below we’ve summarised the content. Read, watch, digest and ask questions – make sure you understand AV and how you could be impacted. 

What is AntiVirus software? 

AV has been around since the 1980s and traditionally consisted of a library built up of malicious software as it was detected. Code would be added to the library (database) so that it could be detected and quarantined if it appeared on your computer. Obviously, this meant that AV had to be regularly updated; if not, computers would soon be left vulnerable. 

So, what’s changed? 

Zero Day Malware has appeared.  

Viruses can now mutate so that they can’t be detected by AntiVirus software. Also, nowadays we don’t just see viruses – they are just one type of malware (undesirable software) that we see running. There are now a host of nasties such as: 

  • Ransomware 
  • Adware 
  • Spyware 
  • Trojan Horse Malware 
  • Worms 
  • KEYholders 

The landscape has evolved dramatically. 

During a recent survey 87% of malware detected on UK-based devices was Zero Day (just 13% would be detected by traditional AV software). Almost 9 in 10 pieces of malware wouldn’t be detected! 

What’s the solution? 

EDR (Endpoint Detection and Response) monitors file content but also what files are doing – is a file trying to make changes to your computer that are abnormal? EDR gives systems the ability to remove dodgy files. This proactive protection adds significant power and control that AV can’t provide.  

It’s worth noting that these systems are not just computer-based – there are highly experienced engineers quickly analysing activity and manually updating protection. 

AntiVirus software is not enough 

The types of threats that both businesses and individuals face are significant, most of which won’t be detected by traditional AV. The risks of relying on AV are too great.  

What can you do? 

Check if you’re only using AntiVirus software or whether there is an EDR element attached. Plus, make sure anything you’re using is up to date and that you’re paying for effective solutions rather than simply accepting a renewal invoice when it’s sent to you. Ask business associates and peers what they’re using and consider adding EDR immediately if you don’t currently have it. 

If you’re not sure what you’re using, or what you need, please do ask us for help. We all need to work together in the fight against cybercrime.