There was a time when anti-virus software was the height of computer security, especially if you were a Windows user. But the landscape of threats has changed, and we live in an era of sweeping, global campaigns, like the ransomware “WannaCry” infection and the more recent Ukraine-focused “NotPetya” attack. What role does anti-virus and antimalware software play in keeping your machine safe? We spoke with four security experts to hear what they had to say.
Across the board, each expert still recommends using software that protects your personal computer from attack. But modern anti-virus software is not the last word in defending your computer; rather, it’s part of a multi-faceted approach involving some common sense steps to keep your machine and personal information safe.
No connected machine is totally immune
Bob Gourley, cofounder of the security consultancy firm Cognitio and veteran of the intelligence community, says that his company recommends that people install protective software, as it will mitigate the risks people face.
“There’s a lot of security professionals who will point out that anti-virus software will not stop everything,” he says. “That’s true—it’s not the last line of defence. But it helps keep the noise down.”
His specific recommendation is that Mac users may want to use Sophos, which has a free antimalware program, and that Windows users should think about Symantec. (I tried the free version of Sophos on my Macbook Air, and it detected a virus hiding in a text document attached to an email that the Mail app had downloaded. I deleted it.)
One issue that Mac users should keep an eye out for, according to Gourley? Adware. This type of code is typically picked up when using a software as a service, like email or other things that require logging into an account. FCC rules state that adware has to identify itself to prevent classification as “spyware,” but it’s easy to pick up some adware, especially if you speed through those terms of service agreements.
Run a modern system, and keep it updated
Like Gourley, Kurt Baumgartner, a principal security researcher with security company Kaspersky Lab (which makes products that defend against malware and viruses), recommends that individuals use anti-malware software.
While that may not be surprising advice from someone who works at a security company that makes anti-malware software, he also emphasizes the importance of keeping your computer’s other software—especially the operating system—up-to-date in the fight against malicious code.
Take the WannaCry malware attack, also known as WannaCrypt, which struck machines running Windows in May. Microsoft had already provided a software update about two months before, in March, that protected customers running operating systems like Windows 7 or Windows Vista from WannaCry. Machines that hadn’t been updated or that were running older versions like Windows XP were left vulnerable. And Microsoft says that users who were running Windows 10, the most current version of the operating system, weren’t affected by that attack.
As for a recent attack last month, called “Petya” or “NotPetya,” Microsoft said in an article that most of those infections happened in computers running Windows 7.
Don’t forget to keep your anti-virus software, like Windows Defender, updated too. The software can’t fight a threat it doesn’t yet know about, and that information is typically found in regular updates.
Make yourself a smaller target
Tomer Weingarten, CEO and cofounder of security company SentinelOne, is lukewarm on the benefits of consumer anti-virus or anti-malware protection software. He recommends it as a better-than-nothing approach.
“Right now, attackers have evolved much beyond the current protections that all of us can install,” he says. “Even if we keep up-to-date with all the signatures, and whatever mechanisms that they offer us, it still becomes very problematic for them to deal with unknown attacks.”
As for the idea that the Macs and macOS is inherently more resistant to attacks, Weingarten is skeptical. “It’s really more about the fact that attackers are targeting the biggest bang for buck, and right now it’s the Windows system,” he says. In short, Windows offers “more targets,” according to Weingarten.
And while he emphasizes how crucial it is to keep your operating system updated, he also has another simple solution for people who may not be the most security proficient, and just want to do tasks like send emails: Use an iPad and a keyboard.
That’s because iOS, which powers iPhone and iPads, is “the one operating system that we can say is inherently more secure,” Weingarten says. The closed-down environment of iOS makes it impossible for someone to run foreign code on that device, unless, of course, it is through the highly-regulated official App Store. The only other way to run foreign software on the device would be if an attacker has a pricey and rare “zero day” exploit that could do so, meaning that a malevolent party has had found a way to exploit a vulnerability that has not yet been patched.
However, relying on an iPad or iPhone still doesn’t protect someone from clicking on a malicious link that then takes them to a dummy site, prompting them to enter personal information. In other words, vigilance and common sense are still key.
Think about your email provider
In the movie Shrek, the film’s namesake famously compares ogres to onions. Why? Because they “have layers.”
Like an ogre (or onion), good security has layers, a point that Shalabh Mohan, vice president for products and marketing at Area 1 security, emphasises. Area 1 sells protection to companies against phishing attacks; phishing attempts happen when you get an email with a malicious link in it, or are asked to enter your username and password on a website that impersonates your bank’s, for example.
Mohan says that software that protects your personal computer (or endpoint, in the industry jargon) is just part of a “layered approach.” The first step, Mohan argues, is recognizing that phishing attacks are the most common way that attackers get into your system.
The next step is easy: being smart about what email service you use. Mohan points to both Google and Microsoft as good choices, because they help prevent phishing in their Gmail and Outlook.com email services.
“Folks like Google, Microsoft have inbuilt controls and security that go way above what an end user could do themselves,” he says, meaning that phishing emails may just get filtered out before they reach you. Anti-virus software like Sophos and other network security systems can also help protect against phishing attempts.
And for security-conscious people concerned about their entire home network, devices like a mesh-network Wi-Fi system from Eero, or the forthcoming Norton Core Router, bundle security protection together with a wireless network.
In short, perhaps the smartest approach to protecting your machine in the current climate is to install anti-malware software, but also to take other steps, too, like using a solid email provider like Gmail, keeping your operating system up-to-date, and being vigilant and using common sense against phishing attacks.
Finally, back up your data, so in a worse-case scenario in which a computer is infected by something like ransomware, a savvy user could wipe their computer, install the operating system from scratch, and then restore it from the backed-up version. That’s no fun, but it’s better than losing everything.
source: popsci.com By Rob Verger