Why antivirus isn’t enough

As technology continues to evolve and the ways end users are targeted multiply, it can be easy to convince yourself that you are digitally secure. Antivirus is the most commonly used weapon against malware, so it’s worth noting that back in May, a Russian hacking group infiltrated three U.S. antivirus companies.

How did the hack happen?

Researchers at AdvIntel discovered that a Russian hacking group, Fxmsp, is trying to make money from its hacking efforts by selling not only valuable source code but also access to the networks of three antivirus companies. The original discovery of Fxmsp’s hacking shenanigans occurred a few months back, in March of this year. The group is well known for hacking large companies and global organizations, then selling access to the networks of their victims.

Does this mean my Antivirus is vulnerable?

This is where things get dicey. Possibly. Because the three companies that have allegedly been compromised are unknown, it is possible that the antivirus program you are using is vulnerable to being tampered with, or worse yet, rendered ineffective against known viruses and malware.

A false sense of security

Depending on where you measure on the scale of information security prowess, this troubling news may not seem like a big deal.  If you believe that having antivirus installed on your computer is sufficient to keep you safe from hackers, you’re likely living under a false sense of security.  Antivirus only protects part of your digital presence, much like car insurance won’t protect you from an injury.

Layers of security

While there is no silver bullet that can keep you and your devices safe from all cyberattacks, you can make yourself a harder target to infiltrate by ensuring you are using layers of digital security. For example, if the antivirus installed on your computer comes from one of the three antivirus companies compromised by the hackers above, but you are diligent about keeping your operating system and applications up to date, this could bode well for you in future attacks. When an attacker intends to deliver a malicious payload via a compromised antivirus program but the malware only works on devices with unpatched vulnerabilities, your other layers of security (antivirus + up-to-date system) can help thwart this potential attack.

Layers in action

Taking this analogy a step further, if you run as a “standard” user instead of an “administrator” on your computer, use antivirus, have up-to-date applications and an updated operating system, and also protect your network with a secure VPN that has protections against known phishing links, you effectively have five layers of security protecting you and your devices.  While it is possible to infiltrate all five of these layers, it will certainly be harder to do so (plus, it makes you a more frustrating target).

Stay safe on the web, and remember that Rubica’s watching out for you.