The Computer Emergency Readiness Team of the U.S. Department of Homeland Security said last week that anti-malware technology was losing the ability to protect data and devices and that commercial security software could compromise protections already built-in on home computers.
The July 5 warning named Symantec antivirus software, much of it under the Norton brand, saying Google researchers had found serious vulnerabilities, according to the Canadian Broadcasting Corp.
But researchers from Concordia University in Montreal say vulnerabilities exist in many other commercial virus protection programs, including AVG, Kaspersky and BitDefender, the CBC said.
“Antivirus is getting increasingly useless these days,” said Stu Sjouwerman, who heads up security training company KnowBe4.
“These vulnerabilities are as bad as it gets,” said Google researcher Tavis Ormandy in a blog post.
“They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible,” he said.
Symantec says it addresses the issues in updates it advises users to install.
But It’s not the only way commercial security software can make your home computer less safe, the CBC said.
Concordia professor Mohammad Mannan and one of his PhD students recently presented findings at a security conference showing that some software packages actually disable some built-in security features on internet browsers to better enable scanning for encrypted connections.
Mannan said at the Network and Distributed System Security Symposium in San Diego in February that the software often doesn’t adequately compensate for the features it inactivaztes.
“We were surprised at how bad they were,” he told the CBC.
“Some of them, they did not even make it secure in any sense,” he said.
BitDefender’s Alexandru Balan told CBC that his company’s encrypted content scanning offered good protection against threats but agreed that antivirus programs needed to be constantly updated.
Kaspersky said it was reviewing the research and AVG said it had already changed its software in response to the revelations.
But Mannan said he does not use any virus protection on his machines and hasn’t for years.
“I don’t see any clear advantage of using them,” he said.
None of the vulnerabilities reported by Mannan are known to have been exploited, CBC said.
J. Paul Haynes cybersecurity firm eSentire Inc. of Cambridge, Ontario, said protection offered by antivirus software only protected against 10 percent of threats due to the growing sophistication of cyber-criminals.
“It gets a little worse every day, every week, every month,” Haynes said.
But even limited protection might still be worth the cost for corporations, he said.
Experts suggest that computer users back up nonsensitive data and photos to the cloud and keep sensitive material on a separate external drive not connected to their computers, to ensure that they can go back to a previous version if they get attacked by ransom-ware or another threat; remember to keep browsers and operating systems updated; and not to click on links or attachments unless they’re sure about them.
