
New Studies Proving Non Immediate Reaction of Antivirus Tools to Threats

Studies have shown that most antivirus software does not detect all the malware and other threats that it should, leaving room for infection and motivating companies to look for more effective solutions to the problem of online security.

An internet user's safety against the threat of a virus infection depends on how the computer is used. A computer with an internet connection is definitely an easier target for threats than a computer that is used only for offline purposes. On the other hand, a computer that is updated regularly over the internet is definitely safer than a disconnected computer.

Recently, the independent institute AV-Test issued an analysis that recorded 143 million new malware samples in 2014 and 12 million new variants per month.

Computers running certain operating systems, such as Windows, are more attractive to viruses. This is usually the case because most Windows users run their computers as Administrators and therefore have the right to change the operating system. As a result, malware running under such an account gets authorization to make changes to the system on its own. Even if you think you are careful, it is not impossible for your computer to get infected with a virus that can harm it.

In fact, a recent study by security vendor Damballa on this very topic, namely the "power" of antivirus products for the companies that rely on them for the safety of their systems, produced really disappointing findings. To be more specific, the research showed that the antivirus products in use react very slowly to the threats that infect the computers they protect, so the damage that was meant to happen has already happened.

“Damballa discovered that it can take more than six months for traditional AV tools to create signatures for 100% of the files,” reported Damballa.

The tests were run against four specific antivirus products and showed that a large percentage of malware threats had not been detected by the AV products an hour after Damballa had found them and determined them to be truly dangerous. One of the most surprising findings of this research is that, even an hour later, 34 percent of them were able to “hide” from antivirus products, and the same situation continued after a whole day. Damballa also highlights that some malware files were still not detected days later, in some cases not even after six months.

“Damballa discovered that, within the first hour of submission, AV products missed nearly 70% of malware. Further, when rescanned to identify malware signatures, only two in three (66%) were identified after 24 hours and after seven days, the total was 72%. It took more than six months for AV products to create signatures for 100% of the malicious files. The longer an infection dwells before discovery and remediation, the greater the odds of data exfiltration,” continues Damballa, highlighting the limits of a defence based exclusively on antivirus systems.

Last year, malware researchers from Lastline Labs performed another study of the speed with which antivirus tools detect new kinds of threats. This research also showed that a large percentage of new threats were not detected by antivirus software. This is not due to a lack of experience among researchers, and of course it is not due to some kind of “weakness” in antivirus scanners. It is due to the fact that the rate at which new kinds of threats are created cannot be compared to the rate at which new antivirus products are created.

After these studies, many companies that are supposed to be using really good antivirus tools were motivated to start looking for other ways to protect their computers and, of course, the precious files they hold. The methods they adopted, such as sample analysis and network anomaly detection, have helped them feel safer and keep their computers secure as the years pass. Multilayered security seems to be the most effective tool for safeguarding everything that is valuable and preventing online threats from actually damaging your computer.

Written by: Ali Qamar, Founder/Chief Editor at SecurityGladiators.com

Author Bio:
Ali Qamar is an Internet security research enthusiast who enjoys “deep” research to dig out modern discoveries in the security industry. He is the founder and chief editor at Security Gladiators, an ultimate source for cyber security. To be frank and honest, Ali started working online as a freelancer and still shares the knowledge for a living. He is passionate about sharing the knowledge with people, and always tries to give only the best. Follow Ali on Twitter @AliQammar57

Edited by Pierluigi Paganini

(Security Affairs –  Antivirus, malware)

