Wednesday, April 14th, 2010
AVG (AU/NZ) Pty Ltd, the distributor for Australia, New Zealand and the South Pacific of the award-winning AVG Anti-Virus and Internet Security software, is often asked just what people need in order to be safe online these days. Is a firewall enough? Is anti-virus protection enough? Do I need anti-spyware and anti-malware as well? People are understandably very confused.

Here, then, is a basic explanation about what protection you need in order to be safe while banking, shopping, gaming, downloading and chatting online...

Viruses are bits of malicious code that spread by themselves. They still exist, but there are not so many of them around any more because they don't help the “Bad Guys” make money. In other words, the Bad Guys could still write viruses, but they don't much because viruses don't tend to assist in stealing stuff.

Instead, the Bad Guys tend to write spyware, worms and other malware such as key-loggers and remote controlled backdoors, which allow them to steal bank account login details and important personal identification like credit card numbers and tax file numbers.

These days, anti-virus, anti-spyware and anti-malware have merged into what most security software suppliers label as their “Anti-Virus” product. Then these companies typically also have an “Internet Security” suite that adds extra layers of protection like firewall, web protection, identity protection etc.

Firewalls stop intruders, such as worms and hackers, forcing their way in from the outside. A good enhanced or two-way firewall also stops anything such as a key logger or identity theft program sending any captured information back through the firewall to the Bad Guys.

The single most important thing to understand is that 99% of all attacks now originate from the web. When a web browser is started, it starts from a trusted place.... inside the firewall. The web browser creates a trusted tunnel through the firewall. If a victim visits a web site of hostile intent, the attack malware code is able to go right through the firewall and has a chance of executing on the victim’s PC.

What this means is that your anti-virus product of choice should include a dedicated web scanner. We have AVG LinkScanner® for exactly that reason. It does a real-time check for web-based threats every time you try to open a web page in your web browser. If an active threat is detected, you are warned not to continue trying to view the web page. Thus the threat is blocked before it gets onto your PC.

The next thing to understand is that good Internet security protection should include a good behaviour monitor, such as AVG Identity Protection.

Traditional anti-virus/anti-spyware/anti-malware products work by scanning for known malware. This is called “signature scanning”. Think of it as being like the bouncer at the door of a popular venue being asked to keep out certain people based on having photos of their faces. That works great, as long as you're dealing with a known bit of malware (or face), but if it's new, it gets past the scanner until it's updated. Simple as that.

The Bad Guys know this, and, using automated tools, produce 20,000 to 50,000 new variants each day which they release into the “Zoo” of known malware. They only actively use 500 to 2,000 of these variants each day in the “Wild” to do bad stuff. The others are produced to make it hard for the security software companies to know which are the 500 to 2,000 variants that you really need to be protected from.

A behaviour monitor, however, is not signature based, but instead watches for malicious behaviour of the applications and processes running on the PC. For example, a new program that installs itself so that it survives a reboot and also starts monitoring keystrokes, is very suspicious to a behaviour monitor. In our analogy, it’s as if the bouncer is now considering the dress, walk, demeanour and overall manner of those approaching the venue. A newcomer who doesn’t fit acceptable behaviour patterns is now highlighted for special consideration.

The best way to do security is in layers... think about a slice of Swiss cheese. Any individual slice is full of holes, but if you get two slices and place them on top of each other, they cover up most of each other's holes. Get a third slice and there are no holes left.

Computer security works the same... that way, each layer only has to be 80% effective, but if you have enough layers, there are no holes left. That's important, because the more you strive for 100% with any one layer, the bigger and fatter it gets, with more potential for conflicts and issues. It's classic 80/20 stuff... you can solve about 80% of just about any problem with just 20% effort.

As Lloyd Borrett, Marketing Manager for AVG (AU/NZ) says, “It takes multiple layers of defence to protect against the wide variety of attacks and threats. A single technique cannot protect against every possible threat. An efficient layered approach provides multiple layers of defence that will allow one technique to catch things that may have slipped through the outer defences.”

What this all means to an end user is that they need:
1. a specialist web-scanning layer to block most of the attacks immediately, e.g. AVG LinkScanner, followed by,
2. a traditional anti-virus scanner that's focused on the actual malware that's in the Wild and being actively used by the Bad Guys, as opposed to what’s just in the Zoo and not a threat, e.g. AVG Anti-Virus, followed by;
3. a behaviour layer to pick up anything that gets by the web scanner and traditional anti-virus/anti-spyware/anti-malware scanner, e.g. AVG Identity Protection.

All of these layers of protection are available separately. But they work best when bundled into an efficient all-in-one solution.

“Solutions like the AVG Internet Security suite, where all of the multiple security layers are designed to work efficiently together, with one easy ‘set and forget’ update process, provide complete peace of mind,” said Borrett.

Such a solution mightn't win too many magazine "shoot-outs", because the highly dynamic, multi-faceted, real world threat landscape is really hard to emulate and test against properly. But the real benefit to an end user is that they have a lightweight, nimble product that protects them. And that’s what AVG is doing to enable its 110 million users to stay safe online every day.

Contact Profile

Keywords

AVG, anti-virus, firewall, Internet Security, cyber-crime

Categories

Sharing

More Formats