Brian Dye, senior vice-president for information security at Symantec, admits that hackers have finally won the anti-virus wars. The security giant can no longer keep up with the number of new threats and is shifting its efforts away from detecting known attacks to focus more on active protection.
According to Piero DePaoli, director of product marketing for Endpoint, Messaging & Web Security at Symantec, “Antivirus is the foundation for catching known threats. But, a majority of the things we see today are new and unknown and specifically designed to evade your traditional antivirus.”
Symantec admitted that 55% of today’s attacks are getting through, a pretty scary admission from a company that still sees antivirus software account for as much as 40 per cent of its annual revenues.
Symantec officials say that the biggest hole in security is still coming from users themselves. Targeted attacks — many of which leverage a person’s Facebook, Twitter or other online accounts to engineer an online attack against the individual — have become increasingly common. With users clicking on links, opening files and visiting websites, despite often being warned by their anti-virus programs not to, the effectiveness of antivirus software is waning.
According to Symantec’s 2014 Internet Security Threat Report, 2013 was a turning point in the war against hackers. The year saw a 62% increase in the number of data breaches reported, accounting for the personal details of 552 million people being exposed in a number of “mega” high-profile electronic heists, including a major breach at Target stores, according to Symantec.
Symantec found that spam email volumes dropped to 66 per cent of all email traffic. Less than two years ago, spam accounted for more than 90 per cent. However, targeted attacks against individuals increased by 91 per cent, as hackers have discovered that laser-focused attacks yield a better payout than the scattershot approach that spam email campaigns have produced in the past.
Hackers are also now targeting certain professionals in hopes of using them as stepping stones to access higher-profile people. Executive assistants and public relations professionals are the two most targeted professions for hackers who hope to leverage the contacts and networks that those professionals hold in order to gain access to corporations and executives where they can then steal information or cash.
It’s not surprising that Symantec is throwing up its hands in frustration. Their battle has been uphill since day one, and the situation is getting worse. There are so many attack vectors that a hacker can use to gain access to data that there is no possible way to plug all those holes without ‘going off the grid’ (and even then attacks can come from thumb drives or other removable media).
And now that we are connecting more and more devices to more and more services, a security breach in one place can (theoretically) propagate throughout our connected life. Hackers (and those trying to thwart them) have shown that just about anything with a chip can be hacked – from cars to mobile devices to Internet-based security systems. Eventually someone will hack a ‘smart’ home and commandeer the automatic coffeemaker and refrigerator.
Thanks to Vito Pilieci at the Ottawa Citizen for covering this story. You can read his post here.
UPDATE: Symantec took issue with the title for this post and politely asked us to clarify their position on anti-virus software and what they actually meant. In an official Symantec statement they said:
"The era of AV-only is over. Companies need comprehensive attack prevention that integrates the full range of security technologies. Symantec led the first era of security with antivirus, and it continues to be an important part of our portfolio. Combined with intelligence and other technologies we are pioneering, we can solve larger customer problems that point based competitors simply cannot do."
So, sorry about that, Symantec. We understand that security these days is a tricky business and we appreciate that companies like Symantec are still trying their best to protect us all.