Anti-virus software – friend or foe? At one point it was easy to say the odds were in favor of installing these programs, though it doesn’t seem to be the case anymore. According to various vulnerabilities researchers, dozens of reputable names in the antivirus software industry have released programs exhibiting major flaws that hackers can easily infiltrate. The irony is inescapable – companies like Kapersky Lab, Malwarebytes, Intel Security, and so on, have all been fingered in this report.
Here are the facts: these vulnerabilities don’t require user interaction in order to weasel into the network and begin their destructive projects. Rather, the hackers in question can use a number of different avenues, from injecting malicious code into visited websites to using USB devices with malformed files on them. This type of attack isn’t old news to governments around the world – the UK requested in 2008 that their Government Communications Headquarters be able to reverse engineer Kapersky anti-virus software to weed out the inconsistencies – nor is it to hackers on the World Wide Web. Documents have been created and sold with the very code needed to exploit these vulnerabilities, and though multiple groups have been caught and prosecuted there are still many more that continue to be active.
Some have come forward with patches or promises to fix the inconsistencies that left the openings there to begin with; however, it poses a major problem for companies that trust software will solve their security problems. This particular story is only one of the many real-life instances that show how paramount it is that companies utilize multiple checkpoints in securing their computers, databases, and network.
As an organization, there are a great deal of options that can be taken to ensure your network is as secure as possible. A major component of any cyber security plan is to not rely on one particular method – whether it is an IT team, anti-virus software, or other routes, companies need to be very aware that mistakes happen and checkpoints should be installed in order to mitigate the destructive properties or disallow them entirely. By having a firm come into your company and do a thorough cyber security consultation, not only will you have another set of eyes on the situation, but your company can continue to work unencumbered by the potential looming danger of a cyber security threat coming from your very own anti-virus software.