Signature-based anti-virus protection is of little use in the present era of sophisticated malware. Specially designed malware can fool any anti-virus and firewall, and these basic cyber security mechanisms cannot protect systems from getting infected. In fact, anti-virus updates can be used as a potential tool to install malware, steal information and launch cyber warfare attacks.
As per a recent study, a majority of malware variants have been delivered through web browsing, going completely undetected by anti-virus solutions. As per the report, web browsing is responsible for 90 percent of the fully undetected malicious files, and it takes anti-virus vendors four times as long to detect malware from web-based applications compared to emails.
If crackers make a small change in the code of an existing malware, signature-based anti-virus products fail to detect the variant. This is because the signature of the variant is not available in the anti-virus product's virus definition database, and therefore the variant cannot be detected by these products.
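The brittleness described above can be seen with harmless data. This added example (not from the original article) checks constructed byte strings against an exact-hash definition set, then against a byte n-gram similarity score, which is one assumed alternative chosen here for contrast and goes beyond what the article names; all names and the 0.8 threshold are hypothetical.

```python
import hashlib

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def constructed_body(seed: bytes, blocks: int = 32) -> bytes:
    """Deterministic, harmless filler bytes standing in for file contents."""
    return b"".join(hashlib.sha256(seed + bytes([i])).digest() for i in range(blocks))

def ngrams(data: bytes, n: int = 4) -> set:
    """All overlapping n-byte windows of the input."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}

def jaccard(a: bytes, b: bytes, n: int = 4) -> float:
    """Share of n-grams the two inputs have in common (0.0 to 1.0)."""
    ga, gb = ngrams(a, n), ngrams(b, n)
    union = ga | gb
    return len(ga & gb) / len(union) if union else 1.0

# Constructed samples: a "known" file, the same file with one byte flipped,
# and an unrelated file.
KNOWN_SAMPLE = constructed_body(b"known")
VARIANT = KNOWN_SAMPLE[:100] + bytes([KNOWN_SAMPLE[100] ^ 0xFF]) + KNOWN_SAMPLE[101:]
UNRELATED = constructed_body(b"unrelated")

# The "virus definition database": exact hashes of known samples only.
SIGNATURE_DB = {sha256_hex(KNOWN_SAMPLE)}

def exact_match(data: bytes) -> bool:
    """Signature lookup: matches only byte-identical content."""
    return sha256_hex(data) in SIGNATURE_DB

def similar_to_known(data: bytes, threshold: float = 0.8) -> bool:
    """Similarity check: tolerates small edits to a known sample."""
    return jaccard(data, KNOWN_SAMPLE) >= threshold

if __name__ == "__main__":
    for name, blob in [("known", KNOWN_SAMPLE), ("variant", VARIANT),
                       ("unrelated", UNRELATED)]:
        print(f"{name:10} exact={exact_match(blob)!s:5} "
              f"similarity={jaccard(blob, KNOWN_SAMPLE):.3f} "
              f"flagged={similar_to_known(blob)}")
```

The one-byte variant misses the exact-hash lookup yet keeps nearly all of its n-grams in common with the known sample, while the unrelated file scores near zero.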
Sophisticated malware like Stuxnet, Duqu, Flame, etc. are well beyond the reach of these anti-virus products. No matter what these anti-virus products do, these malware cannot be detected in real time. They can be detected only after years of their use, and sometimes they even remain operational as undetected malware.
At Perry4Law Organisation and Perry4Law’s Techno Legal Base (PTLB) we believe that companies must formulate a comprehensive and holistic cyber security policy. Cyber security cannot be left at the mercy of anti-virus and firewall; it must be performed on a continuous basis. Incident response and taking curative action are the need of the hour.