Malware is a very real threat that seems to be growing. Although newer versions of Microsoft Windows are always making progress in apprehending and preventing malware from spreading, its march forward is almost inevitable. The rise of the mobile era has also given rise to mobile threats, creating a whole new arena for aspiring hackers to shine. The amount of viruses that evade detection from security software has also become a problem, prompting us to ask the question: Are anti-malware applications worth the trouble anymore?
Microsoft: “Why, Yes!”
In its 2015 Security Intelligence Report (skip to Page 120 if you don’t want to read the whole thing), Microsoft demonstrates just how computers with anti-malware applications operating around the clock can reduce the rate of infection per 1000 scanned computers from an average of 35 (for unprotected systems) down to just above 10. This isn’t necessarily the most comprehensive data on computer security, but it does offer some perspective: you can certainly decrease your risk even slightly if you are using anti-malware. A ~60 percent drop in risk is still opening you up to a sizable possibility of infection, though.
How Malware Avoids Detection
Viruses, trojans, and all those other pesky pieces of software that make your computer act weird have several ways to avoid the detection of even the “smartest” sniffers on the market. One of these ways is by simply having the program sign itself with multiple stolen digital certificates to gain the credibility it needs to be allowed to do whatever it wants. Others change their “mutex” names frequently. HTTP malware tends to slip through detection methods rather easily because of the fact that no one expects it to spread through websites. Whatever the method, it’s clear that installing anti-malware won’t rid you of all the threats you could possibly come across. All the methods I just listed are so simple that a first-year programmer could easily apply them.
The Complacency Effect
Anti-malware’s inability to detect certain types of viruses isn’t the only thing that puts it at a disadvantage. In the world of computer security one must never underestimate the power of human error. As people surround themselves with more security, they become more complacent. The feeling of being surrounded by a moat of security with armed guards can be satisfying enough to lose sight of the fact that threats will constantly work to get around that security. This is why it’s always important to exercise prudence when browsing the Internet. Check the URLs to the links you click on, don’t open files you haven’t vetted, run things through sites like VirusTotal, and make sure you avoid downloading “.EXE” files that have been sent to you through messengers or email services (even if the message comes from a friend).
Why Anti-Malware Is Still Important
Despite sounding like I am on a rant against anti-malware/antivirus software, I strongly advocate the use of any defense you can get your hands on. Why? Because it puts a significant dent on your chance of infection that may make the difference between a nice day browsing the Web and a day wasted waiting hours for a technician to patch things up. My advice is that you don’t allow yourself to be complacent and to ensure that the software you’re using doesn’t end up slowing your system down more than the viruses it’s hunting for. (This happens a lot!) Other than that, anti-malware still plays a role in modern computing, although I’m not sure to what extent this will continue to be the case in the decades to come.
What do you think? Is anti-malware headed towards the dustbin of history? Tell us in a comment!