How good is antivirus software at keeping up with new viruses?
Antivirus software developers are up against a huge onslaught of new viruses every day. I just read an article by Andreas Marx of AV-Test.org that illustrates just how pervasive viruses have become. For example, he says that the number of malware samples tested by AV-Test has increased significantly, from 330,000 in 2005 to nearly a million in 2006 and roughly 5.5 million in 2007. The Washington Post recently reported that Trend Micro analyzes between 2,000 and 3,000 new viruses each hour. These figures don’t bode well for antivirus software developers.
Trend Micro in its report, 2007 Threat Report - 2008 Threat and Technology Forecast, attributes this increase to the emergence of professionally written and socially engineered threats by cybercriminals.
However, antivirus developers aren’t sitting by twiddling their thumbs. The antivirus industry has responded by actively pursuing more efficient virus detection technologies, including behavior-based technology. In addition, virus pattern definition updates are being distributed more frequently than in the past. It wasn’t long ago that weekly updates were considered adequate. Today, daily and even hourly updates are fast becoming the norm.
Because of the relentless assault by organized, professional malware makers, the antivirus industry has had no choice but to fight back by changing its detection models. Trend Micro’s report outlines its technology forecast along with the changes required to keep pace with the cybercriminals. Among the technologies in development are:
- Web reputation technology
- E-mail reputation technology
- Botnet identification and behavior monitoring technology
These technologies are referred to as “in the cloud” technologies and deal with the threats at the source before the traffic reaches the Internet gateways.
The average computer user is stuck in the middle. We have no choice but to put our trust in the leading antivirus software developers to continue fighting this battle.
Besides trusting the antivirus software developers by purchasing their software and enabling frequent automatic updates, what else can computer users like you and me do?
First, we should install computer security software including antivirus, antispyware, and firewalls. Installation isn’t enough. We must also make sure that the software is set up for regular, automatic updates. I have my Internet security software set to update itself every three hours. Every three hours, it faithfully downloads more new definitions. In addition, set up regular virus scans because who knows what may have arrived in between updates.
Next, we should use even greater care than ever before when opening attachments. You know those cutesy PowerPoint shows featuring cuddly animals or patriotic themes? They could also be carrying an unwanted payload, so don’t open them.
We should also make sure that our computer systems and Internet browsers are secured with the latest patches. Malware and hackers take advantage of vulnerabilities all the time. As vulnerabilities are discovered, computer and software makers such as Microsoft release patches that close the holes.
Another good idea is to stay informed about the latest emerging threats. All of the major antivirus software developers maintain websites detailing the current threat level and emerging viruses. Make it a point to visit these websites regularly.
Today’s antivirus software is reasonably good at keeping up with the latest viruses, but challenges do exist. By keeping your software current, patching your system, practicing safe computer habits, and staying informed, you’re doing your part in this battle.
Here’s a link to the article by Marx: http://www.av-test.org/down/papers/2008-02_vb_comment.pdf