Cyber security (or computer security) is a generic term for any strategy that protects systems from attacks aimed at the theft of money, personal information or system resources (cryptojacking, botnet), and from a whole host of other malicious activities. The attack could involve hardware or software components, or use social engineering. Although today's cyber threats and the countermeasures against them can be quite varied and multifaceted, the market tends by nature to simplify communication with consumers as much as possible. This is why many people still believe that "viruses" pose the greatest threat to their computer. In fact, viruses are just one type of cyber threat, which happened to be very popular in the early days of the computer age. While they are by no means the most prevalent threat nowadays, the name has stuck. It is a bit like calling any illness a "cold".

Antivirus software good or bad?

Today, antivirus software (AV), or more precisely antimalware software, is more sophisticated, and some security experts will say, begrudgingly, that tools like Windows Defender are “mostly good enough” for defending home PCs, where usually little protected information is stored. But for True Vault, “mostly good enough” security is inadequate for protecting our clients’ sensitive data. In this blog post, we explain the inherent fallacy of using AV software as a security tool, and introduce some of the enhanced security measures we have taken to ensure that personal data stored in our Secure Vault remains protected.

Antivirus Creates an Unrestricted Backdoor To Your Computer

Installing antivirus software requires giving a third-party system unlimited access to your computer or network servers and to whatever information is stored on them. This means that if the AV is compromised or goes rogue at any point, it can cause immense damage because of its unlimited access to your system.
Tavis Ormandy is a Google security researcher who prods commercial software for vulnerabilities. Throughout his research, Ormandy has identified countless bugs in AV software, ranging from the sinister to the embarrassing. For example, in 2015 the free AV software Panda Antivirus mistakenly flagged itself as malware and destroyed core functionality on its users’ computers. In 2010, McAfee reportedly made a similar mistake, rendering even more computers inoperable. In these situations and others, security experts note that the computers would have been better protected had AV software not been installed in the first place. It is embarrassing for an AV company to inadvertently delete all of a client’s computer files, but it’s another thing entirely when a bad actor gets involved.

Antivirus Software Is Always One Step Behind

Aside from creating a backdoor into your system, AV is a reactive, not proactive, approach to security. Traditional AV largely relies on static signature-based detection to identify any corrupt software in a computer’s system. The caveat is that the AV tool needs to know what to look for well before it begins its search. A simplified description is that an antimalware tool will look at a database storing all known malware signatures and scan your computer’s code to see if anything has been corrupted.

So, what’s the problem? The problem is that this model requires being one step ahead of virus makers, when in reality it is the virus makers who are almost always ahead of the AV makers, due to a fundamental flaw. VirusTotal is a free tool intended to help consumers check whether a file on their computer has been corrupted. A simplified explanation is that the user uploads a file, VirusTotal scans it using the available AV and antimalware tools, and reports back on the health of the file.
Virus makers have taken advantage of this tool and others like it by uploading the virus they’ve written, and then manipulating the virus until it is obscured enough that it will pass through most AV tools undetected. This means virus makers are able to see that their attack will succeed without AV makers ever knowing an attack is coming. In short, AV is a security tool that is perpetually reactive, meaning there will always be fundamental failures in the security protocol.

To address this limitation, most AV software tries to detect unusual software behaviors. For example, it might block a process that has never run before or flag attempts to access many sensitive files in a row. Though more sophisticated than traditional signature-based detection, this approach is equally flawed. The AV tool may detect something that seems fishy, but intent cannot be assessed. Is a process changing an application file because a developer pushed code, or is malware trying to infiltrate the connection? AV software will never be able to determine the full story behind a set of actions by looking at the behavior of an application.

Anti-virus programs typically work by identifying infected files and placing them in "quarantine," which blocks access to and from the file. This is the case with Norton Antivirus: you purchase a license to install the program, place it on your company's workstations, and it monitors those computers with up-to-date virus definitions. But these definitions might mistakenly catch a file that is not infected. In this case, you must manually go into the Norton quarantine section and restore the file to unblock access.
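The signature scan and quarantine workflow described above, including the false positive that has to be restored by hand, as an added example that is not Norton's or any vendor's code. The file contents, definition names and the rule that a restored path is skipped by later scans are constructed assumptions.

```python
import hashlib

# Constructed, harmless byte strings standing in for files on a workstation.
FILES = {
    "invoice_macro.bin": b"constructed sample already known to the vendor",
    "new_variant.bin": b"constructed sample the vendor has never seen",
    "updater.exe": b"vendor updater ... MARKER_7f3a ... resources",
}

# Hypothetical definitions: exact-file hashes and byte patterns.
HASH_SIGS = {hashlib.sha256(FILES["invoice_macro.bin"]).hexdigest(): "Known.A"}
PATTERN_SIGS = {b"MARKER_7f3a": "Generic.Marker"}

def match(data):
    """Return the name of the first definition that matches, else None."""
    name = HASH_SIGS.get(hashlib.sha256(data).hexdigest())
    if name:
        return name
    return next((n for p, n in PATTERN_SIGS.items() if p in data), None)

class Workstation:
    def __init__(self, files):
        self.files = dict(files)   # files users can still open
        self.quarantine = {}       # path -> (data, detection name)
        self.exclusions = set()    # assumption: restored paths are skipped later

    def scan(self):
        """Quarantine every matching file; return the current detections."""
        for path in sorted(self.files):
            name = match(self.files[path])
            if name and path not in self.exclusions:
                self.quarantine[path] = (self.files.pop(path), name)
        return {p: n for p, (_, n) in self.quarantine.items()}

    def restore(self, path):
        """Manual false-positive handling: release the file and exclude it."""
        data, _ = self.quarantine.pop(path)
        self.files[path] = data
        self.exclusions.add(path)

def demo():
    ws = Workstation(FILES)
    first = ws.scan()            # known sample and the benign updater are caught
    ws.restore("updater.exe")    # an administrator decides it was a mistake
    second = ws.scan()           # the never-seen sample is still untouched
    return first, second, sorted(ws.files)

if __name__ == "__main__":
    print(demo())
```

The file the definitions have never seen stays readable in both scans, while the benign updater is blocked until someone restores it.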
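The behaviour-based check discussed earlier (flagging a process that accesses many sensitive files in a row), sketched as an added example that is not from the original post. The events, process names, path policy and thresholds are constructed; the point is that a backup job and an unknown process produce the same evidence.

```python
from collections import defaultdict, deque

# Constructed events: (seconds, process, path). Not real telemetry.
EVENTS = [
    (0, "backup_agent", "/home/al/Documents/tax.pdf"),
    (1, "backup_agent", "/home/al/Documents/id.png"),
    (2, "unknown_proc", "/home/al/Documents/tax.pdf"),
    (2, "backup_agent", "/home/al/.ssh/id_ed25519"),
    (3, "unknown_proc", "/home/al/Documents/id.png"),
    (4, "unknown_proc", "/home/al/.ssh/id_ed25519"),
    (5, "editor", "/home/al/Documents/notes.txt"),
    (90, "editor", "/home/al/Documents/tax.pdf"),
]
SENSITIVE = ("/Documents/", "/.ssh/")   # hypothetical policy
THRESHOLD, WINDOW = 3, 10               # 3 distinct files within 10 seconds

def detect(events, allowlist=frozenset()):
    """Return processes that read THRESHOLD distinct sensitive files in WINDOW s."""
    recent = defaultdict(deque)          # process -> deque of (time, path)
    flagged = []
    for ts, proc, path in sorted(events):
        if proc in allowlist or not any(s in path for s in SENSITIVE):
            continue
        q = recent[proc]
        q.append((ts, path))
        while q and ts - q[0][0] > WINDOW:   # drop accesses outside the window
            q.popleft()
        if len({p for _, p in q}) >= THRESHOLD and proc not in flagged:
            flagged.append(proc)
    return flagged

if __name__ == "__main__":
    # Both processes trip the rule; the detector sees behaviour, not intent.
    print(detect(EVENTS))
    # Allowlisting the backup job is a human decision made with outside context.
    print(detect(EVENTS, allowlist={"backup_agent"}))
```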