To browse the internet safely and keep their computers properly up to date, users have a great ally: antivirus software. This quick guide will help you understand the value these tools provide, the protection they offer, and how to make the most out of them.
Nowadays, it’s hard to find a personal or corporate computers that doesn’t run some sort of antivirus software. Users are familiar with the updates that are periodically executed. But, do we take advantage of all the possibilities that AV software offers? This article reviews the main features of this type of security software that you should be aware of to make the most of them.
When was the first antivirus created?
The history of antivirus software is, of course, linked to the history of computer viruses or 'malware'. Prior to the 1980s, some experiments had been conducted with programs able to automatically spread between computers, but it was during this decade when the first viruses capable of deleting data or disabling systems were created and launched. The first commercial antivirus software programs hit the stores shortly after. One of the pioneering companies was G Data, a German company that in 1987 developed a product to safeguard Atari computers. That same year, McAfee released the first iteration of its wildly popular 'antimalware' suite, VirusScan.
How do antivirus software programs work?
The main purpose of AV software is to is to detect, neutralize or eradicate malware (or 'malicious software) from computers and devices, even before the system becomes infected.
To identify a malicious attack, an antivirus software will run scans comparing the files stored in the operating system of its host computer with a database containing the distinctive features (or 'signatures') of previously detected instances of 'malware'. This database must be updated regularly to include the signatures of the new types of 'malware' that constantly emerge.. Some antivirus software, in addition, have the ability to detect threats by identifying patterns in files, locating system alterations and monitoring computer component behavior.
Today’s antivirus software packages therefore fulfill a double mission: analyzing, one by one, the files stored in the computer against the signature database, and monitoring the device to detect any unusual activity.
Contrary to what one might think, having more than one antivirus installed on the same device is detrimental. This is because antivirus packages can mistakenly detect as 'malware' - and therefore attempt to block - each other, leaving devices unprotected.
What threats do antivirus programs keep us safe from?
Antivirus software programs protect against several types of malware:
- Viruses are malicious software in camouflaged as user files. They are designed to access computers without consent or knowledge from users and usually intended to steal information, delete documents or change settings.
- Computer worms are programs capable of replicating functional copies of themselves through a network, with the aim of causing both computers and computer networks to collapse. One of the most successful worm attacks took place in 2000 and infected over 50 million computers, causing losses totaling over €5 billion. It spread as an 'email' message with the subject line "ILOVEYOU" and the attachment "LOVE-LETTER-FOR-YOU.TXT.vbs.” Opening the attachment executed the code, hijacking the host computer and forwarding the message to all the user's email addresses. Thus, it spread across the world in just 24 hours.
- 'Trojans' are a type of 'malware' concealed under the appearance of legitimate software which work properly. When executed, a Trojan allows the attacker to access the computer, and even to control it remotely.
- 'Spyware' is, as its own name indicates, a spy program that infects computers and devices to collect all sort of user information: habits, personal information, bank information, etc. Keyloggers are a type of spyware: a malicious program that, once installed, records all keystrokes made by the user. This technique is widely used to steal credentials.
- Ransomware is a type of malware that hijacks the information stored in the computer, perpetually encrypting and blocking the files unless their Rightful owners pay a ransom. The biggest 'ransomware' attack took place in 2017. The WannaCry ransomware cryptoworm infected thousands of computers in more than one hundred countries and resulted in costs estimated at more than €200 million.
How do viruses spread?
The most common way viruses find their way onto computers is through emails. All it takes is for the user to download an attachment or install a program downloaded via a malicious link to get the host computer infected with malicious code. To prevent this from happening, it is very important:
- Be wary of emails that may seem in any way suspicious (from unknown senders, unexpected emails urging to take action, containing an unusual amount of spelling errors or awkward sentences.)
- Activate 'antispam' filters to block unwanted or harmful mail and be careful when opening an email tagged as such.
- Think twice before downloading attachments.
- Before clicking on a link included in an emails, hover over the mouse to check the address to which it redirects.
Another typical vector of infections is any piece of software downloaded from unofficial sources devices when downloading and installing programs that come from untrustworthy sites, that appear in pop-up windows or in advertising or included in emails from unknown senders.
Plugging infected external devices to your computer - normally a 'pendrive', disk drive, or any device that you are not sure where it came from or lent to you by other people - is another typical way of getting your computer infected. And also vice versa: When you plug your devices to unknown sources such as public charging stations.
How effective are antivirus?
There are no fully effective methods to protect users against 100 percent of online 'malware' threats. Cybercrime is a very lucrative, ever evolving business. To keep up, antivirus companies need to constantly update their signature databases and quickly come up with new detection algorithms to detect new threats as they emerge.
An antivirus alone is not enough to protect your computer. You need to develop safe habits and never let your guard down against social engineering attacks, such as phishing emails and vishing attacks via phone call. In short, an antivirus cannot protect you against deception techniques used in social engineering assaults.
On which devices should you install an antivirus?
The number of connected devices and appliances grows on a daily basis and they are all exposed to being infected with some type of 'malware'.
Besides laptop and desktop computers, it is highly advisable to use antivirus software on mobile devices such as 'smartphones' and tablets, and on any connected devices. There are already some antivirus programs that monitor household data traffic to protect cameras, SmartTVs, printers, consoles, etc.
Which antivirus should you choose?
There are plenty of free and paid security alternatives in the market. The Internet Security Office publishes a comprehensive analysis of the free antivirus suites available and their features, to help users choose the one that better meets their needs. Most of these free antivirus also offer subscription services for additional features such as password managers and automatic program updates. In addition, paid antivirus platforms do not show ads.
Users can also check many articles online that rank the best antivirus suites based on the results they have earned in technical tests. One example is the list published by specialized publication Virus Bulletin or trustedantivirusreview.com, which also collects user opinions.
For more generic advice on computer, tablet and smartphone maintenance, American nonprofit Privacy Rights Clearinghouse has published a comprehensive privacy protection guide on its website.
And finally, what type of maintenance does an antivirus require?
The only maintenance antivirus software programs require is to enable periodic updates. New virus threats emerge every day from all across the globe. As soon as they are detected and analyzed, antivirus publishers include them in their signature databases to effectively protect users’ computers, devices and objects connected to the Internet.
In conclusion, antivirus programs are becoming increasingly sophisticated and provide a very high level of security: they are, without a doubt, the best ally users can rely on to protect themselves from 'malware' attacks and their consequences. But remember: the first link in the security chain is still the individual.