Mar 16 2009
Yesterday's post referred to an article that contained an interesting quote: "The sheer magnitude of the issue of data security has rendered antivirus programs obsolete and ineffective. As such, no single technology can successfully serve to safeguard the network from the multi-dimensional nature of the menace of cyber crime."
Anti-virus software ineffective? Isn't that a little bold? Well, believe it or not, it might actually be true.
Most modern viruses of any level of sophistication are actively designed to circumvent your anti-virus software. This is no accident - the masterminds behind these attacks usually study anti-virus software packages such as Norton, McAfee, etc. and know their weaknesses. It's quite common for the first task of a virus that winds up on your system to be detecting what kind of anti-virus you're running and then disabling it.
However, this isn't even the biggest problem. The real problem is much worse because it is a fundamental one - anti-virus/anti-malware software is reactive, not proactive. It's much like a flu vaccine - you can't develop a vaccine until you come into contact with the virus. Thousands of people can become very sick before the virus is detected and a vaccine becomes available, and for those poor souls, it's too late. Likewise, anti-virus vendors must first capture a virus before they can develop an antigen. And this takes time. As the sophistication of the virus-makers increases, it takes longer to detect a virus and develop an antigen. Here is a chart from our friends at McAfee that shows an alarming trend: it's actually taking longer to develop countermeasures to viruses than in the past. The window of vulnerability is getting bigger!
Worse yet, vaccines aren't always guaranteed to prevent you from getting the infection. Much like real-world viruses, computer viruses mutate, and the vaccine becomes ineffective. One virus may have thousands of variations, and your anti-virus software is quite likely to miss one of these variations entirely. The proof is in the pudding. Everyone who has had a run-in with a virus or spyware knows that you often have to run two or three anti-virus/anti-malware programs (at a minimum) to actually eradicate a virus/spyware from your system, because no single program can detect each variation of a virus. And even then, it's not foolproof. I can vouch for this firsthand.
This doesn't mean anti-virus software is bad. As a matter of fact, I insist that people use it. However, as the original article states, it's not good enough on its own. You need to supplement your anti-virus regimen with true proactive protection. To read more about proactive protection, you can see my article on the topic here.





