Proactive Security System - Part 1
Part 2 >>>
Rethinking online defense:
The motivation of online attackers has morphed from graffiti to greed. International networks of skilled Internet criminals now design, sell and use sophisticated crimeware. Fresh attacks begin as soon as vulnerabilities become publicly known, and sometimes long before.
Reactive security programs can no longer keep up with the flood of emerging threats. There are literally millions of new variants of malware every year. There is no way that security software vendors can add new signatures (definitions) fast enough to keep up. And the scanners introduce new vulnerabilities of their own.
Like many others, I have changed from classic online defense to a proactive, behavior-based defense. As a bonus, it requires only two primary security programs. My computer is more responsive, and I am more secure than before.
It's time to revise online defense:
A small sample that shows the trend
- Malware evolving too fast for antivirus apps
- "Today's for-profit malware pushers use dedicated test labs and other increasingly professional techniques to improve their chances of infecting your computer. And the techniques they employ to outpace security software makers appear to be working."
- Unsafe at any speed: 7 Dirty Secrets of the Security Industry
- "The certification standards confirm that devices block 100 percent of all replicating malcode. The catch is that 75 percent of malcode coming into networks is non-replicating, such as Trojans. When the standard was set, non-replicating malcode represented 5 percent of malcode. Certification means [a product] caught 100 percent of 25 percent of the bad stuff."
- Anti-Virus Firms Scrambling to Keep Up
- "The sheer volume and complexity of computer viruses being released on the Internet today has the anti-virus industry on the defensive, experts say, underscoring the need for consumers to avoid relying on anti-virus software alone to keep their home computers safe and secure."
- Talking malware with Eugene Kaspersky
- How an online security leader sees the current battle against malware.
- Windows and IE are no longer the only targets
- Other programs are now targets for attack -- everything from security programs to media players is vulnerable.
- Microsoft Office Under Siege
- "Attackers and flaw finders are pounding away at Microsoft Office applications, discovering new ways to attack millions of Windows machines."
- Another approach to online security that is similar to mine
- "Gizmo" Richards has also concluded that the conventional "layered" approach to security offers diminishing returns.
Adding more security programs is counterproductive:
The risks increase faster than the rewards
Attackers now use "designer" malware to get past security software. They test each variant to make sure it is not (yet) detected by popular antimalware programs. The security programs fail to detect the new variants, but they increase the "surface area" exposed to attack. Signature-based antimalware programs can be a liability, not an asset.
- It may be time to toss out your antivirus software
- Any program on your computer, not just the operating system, can be open to attack. Antivirus programs can be particularly vulnerable, since they work with files directly.
- Flaw found in Symantec antivirus software
- "This flaw does not require any end-user interaction for exploitation and can compromise affected systems, allowing for the execution of malicious code with system-level access," said eEye in a statement.
- Why popular antivirus apps 'do not work'
- They don't work because attackers test their malware to make sure the popular antivirus programs don't detect it.
- Dr.Web anti-virus link checker
- This Firefox extension takes the virus scanning off your computer and puts it on the Dr. Web server (online computer). Use it when you have any suspicions about a website to visit or file to download.
- Attackers Take Trojans to the Bank
- Focused attacks are increasing, and anti-antispyware "bank Trojans" are becoming more successful.