Why you need more than AV alone!

To protect yourself and your business, you need more than just AV products. Find out why?

Do you know how an anti-virus works? All anti-virus products protect your computer through two mechanisms

  1. Signatures
  2. Sandboxing

 

AV companies collect viruses from the internet using honeypots and  then create a unique signature for that virus or suspicious program. So if a program does not have a known signature then it gets past the first level of protection.

If a virus or program has no signature against it in the AV product database then it is executed in a controlled memory area called a ‘sandbox’ where it is monitored. So if a malicious program does nothing out of the ordinary for a period of time it will be considered legitimate.

Finally, not all AV products are the same, by that I meant some are harder to bypass then others. In the video,  I show an up to date Microsoft Security Essentials being bypassed and a command prompt being sent to an attacker. Microsoft Security Essientials is one of the hardest to bypass, it is a better AV than quite a lot of paid products.

You may well think that no one would be silly enough to download an executable file but it does happen, people can be convinced via social media such as Twitter and Facebook. However, the most common route of infection is via a ‘DriveBy’ download attacking their browser with the same result as shown in the video.

 

Comments are closed.