Anti-Virus is not enough. How do you detect hackers once they get a foot-hold?


When reading this article you might get a sense of doom and gloom, but don't panic. There is a solution, yet the problem is important to note.

Once again, we have the journalism of Ars Technica, who discovered that the method of attack used in Stuxnet (the virus used to attack Iran's nuclear program in 2010) is still usable today.

What is even worse is that the same method (forged signatures) was discovered to be used in active viruses as early as 2003. Of the 189 signatures they found, 103 remain valid.

When this method was used in malware, many security products struggled to detect it as a malicious program:

Three AV programs—nProtect, Tencent, and Paloalto—had the most trouble, reporting eight of the 10 files as benign. Even well-known AV engines from Comodo, TrendMicro, Microsoft, Symantec, and Kaspersky Lab had problems.

But what does this mean in plain English?

This joins a long line of published examples showing that relying on anti-virus products alone is not enough to counter cyber-threats to your business. Countless high-profile examples have been found where, despite the use of off-the-shelf security software, data was lost, stolen or manipulated to sinister ends.

Does this mean we should get rid of anti-virus products? Absolutely not.

Security products still block a large number of threats out there, and even if they are not 100% effective, you should still use them.

What else can be done?

Ask your IT team or external IT provider the following:

  • If malware gets past the anti-virus software, how long before it is discovered?
  • Should a hacker create a back-door into the business, what monitoring are you doing to catch them?

Depending on the response, you might need to take additional steps with them to beef up security. It is important to remember that there are two types of business:

  • Those who have been hacked
  • Those who don't know they have been hacked


Prevention is good, but what happens when that fails? We often fit CCTV cameras to property as a deterrent, but also to detect when something happens. In cyber-security, detection is an essential component that is often overlooked in favour of preventative measures.

Breffni Potter

I get to help my clients achieve their goals every day, whether they want to grow their business or just want to use technology without stress.