Antivirus software only catches 45% of malware attacks and is “dead”, according to a senior manager at Symantec.
Remarks by Brian Dye, senior vice-president for information security at the company, which invented commercial antivirus software in the 1980s and now develops and sells Norton Antivirus, suggest that such software leaves users vulnerable.
Dye told the Wall Street Journal that hackers increasingly use novel methods and bugs in the software of computers to perform attacks, resulting in about 55% cyberattacks going unnoticed by commercial antivirus software.
Malware has become increasingly complex in a post-Stuxnet world. Computer viruses range from relatively simple criminal attacks, where credit card information is targeted, to espionage programs that spy on users and data but can easily be upgraded into cyberweapons at the touch of a button, according to security expert Eugene Kaspersky, founder of Kaspersky Lab, which also sells antivirus software.
From protect to ‘detect and respond’
That failure to detect issues is forcing Symantec, which has a turnover of about $1.6bn (£590m) and an 8% global antivirus marketshare – according to data from the enterprise software company Opswat – to diversify its products, moving into the “detect and respond” sector rather than the simple “protect” segment.
The switch to the detect and respond paradigm means tracking data leaks, hacks and other intrusions and preventing further repercussions from stolen data. For users, that means changing passwords, but for businesses that often means stopping access to accounts and services that have been subject to data loss or infiltration, as well as tracking the source of the intrusion and shoring up cyberdefences – something governments have been doing with new cyber response teams.
Antivirus still accounts for 40% of the company’s revenue, however, and while other security companies such as Kasperky and Intel’s McAfee have already moved in that direction, Symantec lags the movement.