A top Symantec executive has hit out at free antivirus software, including Microsoft’s Microsoft Security Essentials, warning consumers that it won’t be enough to keep them safe.
Speaking to BLORGE, David Hall, Symantec’s Product Manager Asia-Pacific Consumer Products and Solutions said that free antivirus software isn’t able to keep up with full-price suites like those offered by Symantec.
“If you are only relying on free antivirus to offer you protection in this modern age, you are not getting the protection you need to be able to stay clean and have a reasonable chance of avoiding identity theft,” he said.
Hall also dismissed Microsoft’s Microsoft Security Essentials offering (which is currently in Beta) as an incomplete solution.
“Microsoft’s free product is basically a stripped down version of the OneCare product Microsoft pulled from retail shelves,” he said.
“Consumers don’t need less protection, they need more.”
According to Hall, there is a widening gap between people’s understanding of what protection they need and the threats they’re actually facing.
“People tell me, oh well look I use free antivirus because it is free and it protects me from everything in those areas, but when you compare that with what’s really going on in the threat landscape, there is a very, very big gap between what antivirus does and the threats that are being delivered today.”
Hall says attackers are specifically trying to target legitimate websites, which naturally have higher traffic, and so offer a higher payload in terms of the number of users that can be compromised.
“The most common way you’ll get infected right now is just by browsing what you would think was a good website. Traditionally, if you stayed away from the adult entertainment sites, or the warez or crack sites, you would be okay.”
And while antivirus plays an important part in protecting users, Hall says antivirus should only be considered a last defense.
“Don’t get me wrong, antivirus is very important, but it is the last security technology that you want to rely on for protection. It means that you’ve been infected: threat has actually gotten to your machine. So, it is the last layer of defense that you ever want to have activated.
“It is very important, but we would much rather stop the threat from ever getting to your machine, rather than rely on what we call a reactive technology, where the threat has already been delivered to your machine already.
Drive by downloads
Hall points out that hackers don’t just target the web browser.
“If you look how most infections are coming now, they are coming from drive-by download, and while these often do come through the web browser, attackers are not necessarily only targeting the web browser. Think about all the plug-ins you have installed on your machine – RealPlayer, Flash, QuickTime – all of these have vulnerabilities too.
“With free antivirus software you may or may not be updating against these vulnerabilities, and we’ve seen that more than half of the attacks are getting browser plug-ins rather than the browser itself.
“So, when you think about people saying that free antivirus is enough, well, they are just relying on an exploit being delivered by the browser, breaking into your computer, and then, hopefully, the antivirus engine has some form of protection against it, but it’s the last layer that you ever want to have activated to offer you protection.
“That’s why free antivirus is not enough: you need in-depth layered technologies, which only come from the more mature paid suites.”
Hall maintains that free antivirus firms don’t have the resources to stay on top of all the security threats.
“Imagine what it must be like for somebody who is not actually charging to be able to pay their security researchers to be able to keep up. We’ve made more virus definitions last year than we have in the last 10 years.”