Antivirus Tools Not As Reliable As Expected

Many consumers and companies believe themselves to be protected by an antivirus tool, but these tools may not be as reliable as they’re thought to be. Security company Damballa performed systematic scanning tests with 4 popular (albeit unnamed) antivirus tools, and the results are less than comforting. Under constant scanning of files confirmed to be threats by Damballa, as much as 70% of malware remained undetected after an hour, with 7% still undetected a full six months later.

Visual for amount of threats identified over time

Previous studies have produced similar results; one study last year showed that common malware slips past as much as 50% of antivirus scanners, with many scanners still lacking virus definitions for it months later. The longest time before detection tends to be around two weeks, which still leaves a lot of room for vulnerability.

While antivirus tools appear to be unreliable, it’s also becoming increasingly hard for them to keep up. With tens of thousands of malware alerts each week, it’s hard to get to everything out there, let alone investigate the more serious alerts. Antivirus users also need to be more proactive in responding to potential threats, as many corporations tend to shrug off what they believe to be false positives. To remain safe, security analysts recommend multilayered security in networks, beyond mere antivirus scanners. Methods such as “dynamic sample analysis” and “network anomaly detection” should also be used to complement existing security approaches and minimize the possibility of malware getting through.

-Maximillian McMullen (mrm8391)