Since the dawn of the information age, bad actors have worked relentlessly to develop viruses and other malware to attack computer systems. The cybersecurity industry has invested billions of dollars to combat this scourge, mostly responding reactively to threats but never getting ahead of their adversaries. This five-decade-long game of cat and mouse has mostly revolved around one product: antivirus software. While antivirus is the hero in this story, it has always had some fatal flaws that have kept it one step behind. However, recent technological developments are turning this into a story of how our hero levels up and wins the fight against the hackers.
When traditional antivirus software defends your computer, it does so by scanning your entire computer, comparing each file with a database of all known viruses. During this scheduled (often once per day) scan, your CPU and hard drive go into overdrive as the scan makes complex comparisons and decisions, slowing down performance on other tasks. If the scan finds a suspected virus, it quarantines or deletes the file.
The primary problem with this approach is that new threats are discovered every day, so even the most up-to-date databases will miss new threats from time to time. Additionally, your computer may be offline during its scheduled scan and miss downloading the latest definitions. Finally, the impact of the scan on your computer’s performance often slows you down at the worst possible time, or prevents other resource-heavy apps from functioning properly. We don’t want our hero to shut down the city every time they hunt down the villains.
What’s the solution? Over the last few years, our hero has undergone a major upgrade, shifting from reactive to proactive. Enter behavior-based antivirus. Security experts have realized that while viruses all look different, the symptoms of their behavior are almost always the same. Attempted permissions changes, high resource usage, modified operating system files, ransomware encryption patterns, and suspicious network activity are all classic signs of malware. When modern antivirus sees this behavior, it immediately blocks the application, regardless of whether it’s a known threat. This shift in strategy has been a major game-changer, allowing our hero to turn the tables and start winning the fight.
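The contrast between the two approaches, as an added Python example that is not part of the original article or any vendor's product: a hash lookup misses a file it has never seen, while scoring the behaviors listed above still flags it. The event names, weights, thresholds, and sample telemetry are all assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter

# Constructed signature database: hashes of already-known samples.
KNOWN_BAD = {hashlib.sha256(b"constructed known sample").hexdigest()}

# Assumed weights for the behaviors the article lists; not a real product's values.
WEIGHTS = {"perm_change": 2, "os_file_modified": 3, "suspicious_net": 1, "high_cpu": 1}
ENTROPY_LIMIT = 7.5   # bits per byte; encrypted output sits close to 8.0
REWRITE_LIMIT = 3     # high-entropy file rewrites before it counts as a pattern
BLOCK_SCORE = 5


def entropy(data: bytes) -> float:
    """Shannon entropy of data in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def signature_match(binary: bytes) -> bool:
    """Traditional check: is this exact file in the database?"""
    return hashlib.sha256(binary).hexdigest() in KNOWN_BAD


def behavior_score(events) -> int:
    """Score a process from its observed events, ignoring what the file looks like."""
    score = sum(WEIGHTS.get(kind, 0) for kind, _ in events)
    rewrites = sum(1 for kind, data in events
                   if kind == "file_write" and entropy(data) > ENTROPY_LIMIT)
    if rewrites >= REWRITE_LIMIT:   # many files replaced by random-looking bytes
        score += 5
    return score


def should_block(binary: bytes, events) -> bool:
    return signature_match(binary) or behavior_score(events) >= BLOCK_SCORE


def fake_ciphertext(seed: int) -> bytes:
    """Constructed stand-in for encrypted output: 4 KiB of hash-derived bytes."""
    return b"".join(hashlib.sha256(bytes([seed, i])).digest() for i in range(128))


# Constructed telemetry for two processes, neither present in KNOWN_BAD.
EDITOR = (b"constructed editor binary",
          [("file_write", b"Quarterly report draft. " * 100), ("suspicious_net", None)])
UNKNOWN = (b"constructed never-seen binary",
           [("perm_change", None), ("suspicious_net", None)]
           + [("file_write", fake_ciphertext(s)) for s in range(4)])
```

Calling `should_block(*UNKNOWN)` blocks the never-seen binary on behavior alone, while `should_block(*EDITOR)` lets the ordinary editor run.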
With the continued growth of devastating attacks like ransomware, having behavior-based antivirus can be the difference between an uneventful day at the office and a complete business catastrophe. In fact, in a recent widespread ransomware attack, we found that behavior-based antivirus shut down the malware completely while traditional antivirus was almost completely ineffective. At Kinetix, we feel it’s critical to keep our clients up-to-date with the most important technologies, and thus have decided to begin including behavior-based antivirus software and 24/7 monitoring as part of the Security Essentials package for all clients. If you have any questions about this technology or our Security Essentials service, please contact us or email us at firstname.lastname@example.org.