Do you need antivirus today?

Do you need antivirus today? That was a question I was asking myself the other day when I tried and failed to remember the last time I actually found a virus on a computer.

Let me back up a little and define what I am talking about. There is a critical difference between a virus and other types of malware out there. For the sake of this discussion I will break everything into two, and only two, categories.

A virus is a program or piece of code designed to do two things: cause damage and replicate. It may steal information as a side effect, but only after replicating and either causing damage or preparing to cause damage when certain criteria are met (such as a specific time or specific event). This is generally written by someone who is young and enjoys the thrill of seeing their creation cause damage. Basically they get their jollies at the suffering of others.

Malware, on the other hand, has a different pair of objectives: earn money and replicate. This program or code can be written by some guy wanting to make a few bucks by stealing and reselling your credit card information, or it could be written by a multi-million dollar corporation out to make millions more.

Yes, that is right. Malware creation is big business overseas. There are entire corporations occupying multistory high-rise office buildings whose entire goal is to fleece you out of as much money as possible.

How can this be legal, you ask? In the US it isn’t. Overseas it could be totally legal or simply ignored. Sorry, but your financial well-being is not really a concern to most small third world countries who don’t even have enough in their budget to feed everyone, much less track down the guy who swindled you out of $25. Move on.

Now that we have the definitions out of the way, let's discuss the history of the two.

Viruses have been around roughly as long as computers. As long as there has been a system to secure, there has been something to secure it against. In fact, the Creeper Virus is considered the first virus and was written in 1971 by Bob Thomas. The Elk Cloner virus was the first personal computer virus to appear in the wild in 1982, written by Richard Skrenta.

In May of 2000 the first piece of malware to make it into the public spotlight was Loveletter. This introduced the world to profit-motivated software infection.

Today we have run full course, finding almost no existing viruses and a huge amount of malware. In a 2014 PC magazine article it was mentioned that over 83,000 new malware strains were released per month during the previous year. That’s right, per month. It is indeed big business.

I talked with a colleague the other day about this turn of events and we agreed on several very important points. First, that neither one of us could accurately remember the last time that we saw a virus infection. Second, that neither one of us could remember when we used an antivirus program to remove or repair a problem with a customer’s machine. Not one single time in years. When I asked him do you need antivirus, he thought long and hard and said maybe not.

Our office has run a variety of antivirus solutions over the past ten years, including solutions from such manufacturers as Norton (Symantec), Kaspersky, BitDefender, Vipre and Avira. Know what the first software is we run when an infected machine comes in to the shop? Malwarebytes Anti-Malware.

This got me wondering how much of us running, selling and installing antivirus software is reflex rather than something that actually has any use. What would my boss think about losing the income from antivirus renewals if the customers knew it was useless? At least that girl in the office who was supposed to keep track of the antivirus expiration dates and never did could relax.

There is a serious problem with trying to put science to this theory: no one seems to have the same definitions of viruses and malware. For example, the statistics at Statistic Brain Research Institute show that roughly sixteen million households in the past six months from April 2015 have had a “serious virus problem”. They then go on to say that almost nine million of those infections are from the Conficker virus.

The problem here is that the Conficker “virus” predominantly installs two payloads: a spambot to send out spam mail (of course to rake in the money through advertising) and SpyProtect 2009, which is a fake antivirus trying to get you to purchase the product to disinfect the computer. Both of these I classify as malware, as they are aimed at producing income for the owner of the malware.

On another site, however, it shows 6.43% of all attacks are viruses compared to 80.77% trojans, 9.31% worms, 2.89% adware/spyware and 0.6% other. Even these numbers do not match what we see in the real world every day.

Amazingly enough, even checking the McAfee Antivirus website shows that not one of the six listed most recent threats is a virus. Checking Symantec’s threats security response webpage shows several listed viruses, including a lot of variants of the Cryptolocker, which is decidedly a malware program that encrypts your files and requires payment to unlock them. This is not virus behavior; this is ransomware, a form of malware.

It stands to reason that the antivirus manufacturers would put the virus name on anything and everything they can in the hopes you will purchase their products. They have a vested interest in answering a resounding yes to the "do you need antivirus" question. The truth, however, is not that clear. If you get hit by the Cryptolocker “virus” and it encrypts your files, the best thing your antivirus can do is to NOT remove it.

Why do you not want your antivirus to remove the Cryptolocker? Because once the program/infection is removed, there is no longer any way to unlock your files, for any amount of money.

So what do we do, not run any antivirus at all? Maybe.

The truth is that a large portion of the problems we face come from not keeping our software up to date. Reports show that malware targets software back doors and coding errors: 35% Adobe Acrobat Reader, 25% Java, 11% Windows components, 4% Internet Explorer and 4% Android, among others.

The good news is that antivirus software manufacturers are starting to get the picture and are building more anti-malware into their products. When you couple that with the firewall and anti-spam built into some of the upper-end products, sometimes labeled as Internet Security or Total Security, you might actually get a product that does something to help you.

So how can you stay safe?

The first thing you need to do is always keep your software up to date. The next thing is to never open email attachments unless you are 1000% sure of what it is and who it is from. Never download free software (although there is some good free software out there, novice users usually don’t know the difference). Lastly, stay off of non-reputable websites. Then, and only then, should you consider your security software such as antivirus.

Another thing you can do, which I hate to mention, is run an ad blocker. Yes, I have ads on this site, and yes, if everyone who visits this site takes my advice I will lose money. Still, ad blockers not only speed up your browsing and remove distracting garbage from pages, but they also protect you from attacks by hijacked ad servers, which happen more often than you think. You can always disable the ad blocker for specific websites (like this one, PLEASE!).

Some downsides to running an ad blocker are that it introduces another piece of software which can cause issues, it causes problems with some sites which refuse to allow you to read articles if you are running an ad blocker, and of course you harm people who are trying to provide free content for you (like me) and who are also trying to earn a living.

If you want to run an ad blocker, I personally recommend AdBlock Plus, which is available for Firefox, Chrome, Internet Explorer and Safari, among others. It is also completely free.

Personally I believe that a fully up-to-date system running an ad blocker, being smart about where you go and what you do, and running no security software at all is far safer than running the best antivirus in the world with out-of-date software and not practicing safe surfing.

Now that we have discussed the question of whether you need antivirus, next we will discuss the difference between paid and free antivirus and see if there is enough protection difference to pay for.

What do you think, do you need antivirus?