Businesses face a cybersecurity threat landscape that is constantly evolving.
In early December, researchers at anti-virus firm ESET disclosed an exploit kit called Stegano that targeted millions of readers who visited popular news websites and infected machines via malicious banner ads. The malware script is cleverly hidden among coded parameters that govern the transparency of pixels in the ads. ESET said “there are advertising banners with ‘poisoned pixels’ leading to a new exploit kit, intended to enable the bad guys to remotely install malware onto victims’ computers.”
Malware like Mirai, which can infect poorly secured connected devices and then turn them into botnets to carry out distributed denial of service attacks, is wreaking havoc with U.S. commerce. In a world in which threats like that are proliferating, what are businesses to do?
A key line of defense, though certainly not the only one, is to install anti-virus software. BizTech is offering up a primer on anti-virus protections and what you need to know to keep your organization safe:
Anti-virus software has been around in its modern form since 1987, and, as Lifewire notes, “is designed to detect, prevent, and remove malicious software, aka malware. The classification of malware includes viruses, worms, trojans, and scareware, as well as (depending on the scanner) some forms of potentially unwanted programs (such as adware and spyware).”
By using a database of virus signatures, or patterns that are unique segments of malware code, anti-virus software helps organizations and individuals block and quarantine malware before it can infect files and systems. Over time, anti-virus software has evolved from being purely signature-based to more dynamic and behavioral-based, Lifewire notes.
Businesses have many options when purchasing anti-virus solutions, and will benefit most by deploying anti-virus software that meets their needs in terms of protection, scale and cost. Businesses can work with solutions providers like CDW to conduct security assessments that may reveal vulnerabilities that can be patched with anti-virus software and other protections.
As Lifewire notes, a business should ensure that any anti-virus solution it purchases has received certification from the three major certification authorities — Checkmark, ICSALabs, and VB100 — and that it performed well on the tests conducted by AV-Test.org.
There are many options for businesses, including both free and paid anti-virus services. The range of providers includes Avast, AVG, BullGuard, Bitdefender, ESET, F-Secure, G Data, Kaspersky, McAfee, Panda, Sophos, Symantec and Trend Micro. Different sites offer reviews on all of these programs, but which one to pick ultimately comes down to the needs of the business.
Businesses need to uninstall existing implementation of anti-virus software before installing a new product. That is often because many anti-virus programs will not install if they detect existing anti-virus software on your machines.
It is not wise to deploy more than one anti-virus scanner on your machine. Doing so can take up valuable computer resources, especially system memory. Additionally, as Microsoft explains, “they might even identify each other as a virus, which could lead to file corruption or other conflicts and errors that make your anti-virus protection less effective — or not effective at all.”
Similarly, Kaspersky warns that “a competing anti-virus program that is monitoring and sending information about your system tends to look like a virus, so it will attempt to block it and remove it.”
There are many kinds of viruses that can infect your company’s networks and devices, but all viruses are designed to change the way a device operates without the permission or knowledge of the end user.
According to cybersecurity firm Symantec, all viruses must meet two criteria: they must execute themselves, which often involves placing their own code in the path of execution of another program; and viruses must replicate themselves, often by replacing other executable files with a copy of the virus infected file.
Viruses can infect computers and other devices as well as network servers alike. “Some viruses are programmed to damage the computer by damaging programs, deleting files, or reformatting the hard disk,” Symantec notes. “Others are not designed to do any damage, but simply to replicate themselves and make their presence known by presenting text, video, and audio messages. Even these benign viruses can create problems for the computer user. They typically take up computer memory used by legitimate programs. As a result, they often cause erratic behavior and can result in system crashes.”
Some viruses are designed with bugs inside of them, which may lead to system crashes and data loss, Symantec notes.
There are different classifications of viruses, but most experts agree that there are several broad categories:
As Computerworld notes, for many years anti-virus providers were able to update their malware signature databases faster than such malware could spread across the internet.
Yet times have changed, and malware can spread faster than ever before, and before anti-virus providers can even detect it.
Additionally, “virus authors have learned to produce variants, which are versions of their illicit programs that function the same way, but have deliberate changes in their signature to evade anti-virus programs,” Computerworld notes. “Because much of our malware is now distributed in kit form, even a novice can produce a malware variant and get it out on the internet very quickly.”
Beyond anti-virus programs, there are multiple tools that businesses can use to ensure their security. Organizations need to take a layered approach to their security to ensure they cover any gaps. These interventions include firewalls, endpoint security, cloud security and more.