Antivirus is terminally ill.
There are many who will say it's areadu dead (some will even say that happened a decade ago), that the bad guys have won and no one can trust antivirus any more. As a computer security professional, I wouldn't advise anyone to surf the web without it. You still need it to catch the third-rate malware that perpetually trolls the web but that's about all it's still good for.
The truth is that anti-virus is like penicillin, it's just not that useful against today's superbugs.
Malware is getting tougher to stop because the cybercriminals behind it are growing increasingly sophisticated. Twenty years ago, cybercrime was little more than Internet pranksters and Nigerian 419 email scams - today, it's a multi-billion industry supported by foreign governments, ex-spies and security agents, engineers, mathematicians and well-funded organized crime rings. These criminals are developing all sorts of tricks to make their malware harder to spot, which means the antivirus on your home or work computer is basically worthless.
How does a hacker make malware undetectable? There are a number of techniques for doing this, but the top three are "wrappers," "packers" and "crypters." A wrapper is a tool that combines the virus or other malware with a legitimate program such as a PDF, Word document or Powerpoint file. This allows the malware to trick you into thinking it's a legitimate file. With a packer, the malware isn't hidden - instead, it's simply shrunken to the point that it's so compressed the antivirus can't read its signature, or the unique code that lets it know it's a virus. Lastly, with crypters, the malware is locked behind a complex encryption algorithm which prevents the antivirus from seeing anything - it also makes it nearly impossible to analyze the malware later on.
It gets even worse. Black market sites now help criminals test their malware to make sure it won't be detected by antivirus when they try to infect your computer. These services test against all major antivirus products, like McAfee, Symantec, Trend Micro, Kaspersky and Bitdefender. These black market sites also offer a number of other services, like "crimeware" kits which offer ready-made malware, complete with 24/7 customer support, to help criminals hack their targets.
What makes this even more disturbing is that computers aren't the only devices being targeted, and malware is now able to "jump species" from one type of device to another. For instance, Android apps Superclean and DroidCleaner were able to jump from an infected Android phone to a PC in order to steal information. Researchers in Liverpool also proved that you could infect a WiFi router and spread the virus to every device that connects to it. Malware is now even used for sabotage. Stuxnet set a dangerous precedent by physically destroying centrifuges at an Iranian nuclear facility in 2010, while Shamoon "bricked" 30,000 computers rendering them completely useless and DarkSeoul erased data from South Korean banks and TV stations. With all of these advances, malware is pushing the envelope of sci-fi possibilities.
But what about the future of antivirus? While most people are ready to write it off altogether, within the next 10 to 15 years, the very notion of antivirus could be turned on its head. For instance, there's an industry-wide effort underway to develop systems that can predict malware attacks before they happen, sort of like the cyber equivalent of Minority Report's PreCrime division. The US House of Representatives just passed a bill last week that could help this initiative. Researchers are also looking into ways to trick some types of malware into deactivating itself once it reaches a PC, so that you wouldn't have to worry about blocking it at all. Of course, all of this is a ways down the road.
For now, consumers are largely on their own when it comes to stopping cybercriminals. You can't rely on over-the-counter antivirus to stop any of the advanced persistent threats and malware that are becoming so commonplace today. The only way to protect yourself is by being smart: use a dedicated laptop for online banking, use virtualization, implement two-factor authentication whenever possible, never reuse passwords (instead use a password manager), and backup all of your important data. And, assume that it's only a matter of time before you do get hacked, so that you have a plan in place for when it occurs.
Written by Michael Greg for The Huffington Post
More articles on online security: