Anti-virus products fail to protect against attacks

Anti-virus products on the market provide zero protection against new, unreported computer viruses and take weeks to update their signatures to handle such security threats, according to an eye-opening new report from Imperva.

The data center security solution provider called the more than 40 anti-virus software products it tracked for a recent study "woefully inadequate" at protecting IT assets from 82 newly created viruses that company researchers unleashed on them.

Imperva also reported that it took "up to a month or longer" for 75 per cent of anti-virus solutions to add those viruses to their signature lists and begin protecting against them.

Consumers and businesses spending big money on such products are only getting an "illusion of security" in return, the company said in its most recent Hacker Intelligence report, which details the findings.

"Enterprise security has drawn an imaginary line with its anti-virus solutions, but the reality is that every single newly created virus subverts these solutions without challenge," Imperva CTO Amichai Shulman said in a statement.

"We cannot continue to invest billions of dollars into anti-virus solutions that provide the illusion of security, especially when freeware solutions outperform paid subscriptions," he added.

In fact, Imperva found that two free anti-virus solutions - Avast and Emsisoft - were on the short list of tested products that "provided protection" from emerging IT security threats.

Imperva noted that it would be impossible for any anti-virus product to identify and quarantine a brand new virus, but cautioned that the real issue was the lag between information about such threats becoming available and the tested AV products finally addressing them, which took three weeks on average.

"Investment in anti-virus is misaligned. In 2011, Gartner reported that consumers spent $4.52 billion (£2.8 million) on anti-virus while enterprises spent $2.9 billion (£1.7 billion), a total of $7.4 billion (£4.5 billion) or nearly a third of the total of $25.4 billion (£15.7 billion) spent on software security. It is impossible to justify a return on investment for this massive expenditure when freeware solutions prove equally or more effective than paid solutions," the Imperva report stated.

The company's researchers used The Onion Router (TOR) proxy "to safely obtain more than 80 viruses from clandestine websites, which were run through a database of more than 40 anti-virus solutions to ensure they had not been previously reported."

Despite its findings, Imperva said it would "not recommend completely eliminating [anti-virus] from an effective security posture" but said security teams should complement AV software by "focus[ing] on detecting abnormal behavior such as unusually fast access speeds or large volume of downloads and adjust[ing] security spend on modern solutions to address today's threats."