Antivirus Versus Antimalware

You learned about malware and about viruses in unit two and you should now understand the two terms. But what is the difference between antivirus and antimalware software? Do you need both types to secure your operating system (OS)? Read this article to learn why antimalware is needed, so that you can explain why systems need it today. What is meant by the term heuristics?

You're not alone. Technology isn't easy to keep up with. The old adage is still true though: "An ounce of prevention is worth a pound of cure".

This is especially true in the case of getting your computer infected with malware. The results can range from a loss of a few weeks' or months' worth of productivity to wire fraud that costs tens of thousands of dollars, and often even more than that without any kind of incident response plan.

You may wonder, "I have antivirus installed so I'm good, right?"

That's a good thing, but it's not good enough to protect against the more sophisticated types of threats we see today. We make sure all of our clients have anti-malware installed and configured properly. Keep in mind that viruses are just one of several common types of malware, and anti-malware detects these types better than more traditional antivirus does. Some of these include:

  • Adware 
  • Spyware 
  • Worms 
  • Trojans
  • Ransomware 
  • Rootkits 
  • Keyloggers 
  • Malicious crypto mining (also called cryptojacking)
  • Malvertising
  • and more!


"What are heuristics?"

You'll likely hear more about this fancy word in the coming months and years. It's important to understand what it means because it separates the old from the new in more ways than one. In short, next-generation protection from malware uses some shortcuts that make it both faster and more accurate at detecting threats like malware. These shortcuts are called heuristics.

There's a tremendous amount of information coming into and out of our devices. Much like our brains, we need to speed up decision-making processes wherever possible. Our brain relies on some mental strategies, heuristics, to simplify things so we can spend less time analyzing details before we make our decision.

We make thousands of choices each day. What should we wear? What should we eat? What should we drink? What music should we listen to? Should we take the train, the bus, ride our bike or drive into town today? Heuristics allow us to make decisions easily with as little effort as possible.

For example, when trying to decide how to get into town, we might remember that we have several places we need to go today that are not necessarily close together. We quickly realize that transit won't work well, so we decide to take the car, thinking this through in an instant without doing a detailed analysis.

"Why doesn't antivirus work so well anymore?"

Antivirus programs don't use heuristics or shortcuts to quickly stop threats in the way our brains use them to make choices fast. Instead, antivirus does things quite differently: typically by comparing potentially nasty attachments to known signatures, essentially a very long list of known threats.

The days of this approach being effective are over. Malware has advanced way past that.

Antivirus companies haven't yet accepted this. They all need to rethink how they're going to evolve because signatures and hashes don’t work well against polymorphic code (code that changes with great frequency) that is unique to each attack.

Meanwhile, comparing a potentially harmful executable file to a known list of hashes isn't good enough to protect us.

"How does anti-malware work?"

Artificial intelligence (AI) and machine learning (ML) are the latest technologies helping us in the battle against malware: they analyze threats and take action to protect our devices before we become the next victim.

These next-generation tools use heuristics and behavioral API calls, which is a technical way of saying they use better, more up-to-date methods for detecting nasty stuff.
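The contrast between comparing files to a list of known hashes and scoring behavior can be shown in a few lines. This is an added example, not part of the original article; the byte strings, API call traces, rule weights and threshold are all constructed for illustration.

```python
import hashlib

# Constructed, harmless sample data: byte strings stand in for files and the
# lists of Windows API names stand in for calls a runtime monitor recorded.
ORIGINAL = b"constructed-sample-file-v1"
VARIANT = ORIGINAL + b"\x00"  # same behavior, one padding byte added
SUSPICIOUS_TRACE = ["CreateFileW", "CryptEncrypt", "DeleteFileW",
                    "CryptEncrypt", "DeleteFileW"]
BACKUP_TOOL_TRACE = ["CreateFileW", "ReadFile", "CryptEncrypt", "WriteFile"]
BENIGN_TRACE = ["CreateFileW", "ReadFile", "CloseHandle"]

# Signature database: hashes of files already seen and labelled as threats.
KNOWN_BAD_HASHES = {hashlib.sha256(ORIGINAL).hexdigest()}

def signature_scan(data: bytes) -> bool:
    """Signature approach: exact match against the list of known hashes."""
    return hashlib.sha256(data).hexdigest() in KNOWN_BAD_HASHES

def count_pairs(calls, first="CryptEncrypt", second="DeleteFileW"):
    """Count how often `first` is immediately followed by `second`."""
    return sum(1 for a, b in zip(calls, calls[1:]) if (a, b) == (first, second))

# Assumed heuristic rules: each is a rough shortcut with a weight, not proof.
RULES = {
    "encrypts_data": (lambda c: "CryptEncrypt" in c, 40),
    "deletes_files": (lambda c: "DeleteFileW" in c, 20),
    "repeated_encrypt_then_delete": (lambda c: count_pairs(c) >= 2, 40),
}
THRESHOLD = 70  # assumed cut-off; a single weak signal must not trigger it

def heuristic_scan(calls):
    """Return (flagged, score, names of the rules that fired)."""
    hits = [name for name, (rule, _) in RULES.items() if rule(calls)]
    score = sum(RULES[name][1] for name in hits)
    return score >= THRESHOLD, score, hits

if __name__ == "__main__":
    # The hash list catches the known file but misses the one-byte variant.
    print("signature, original:", signature_scan(ORIGINAL))
    print("signature, variant: ", signature_scan(VARIANT))
    # Behavior is unchanged by the padding byte, so the heuristic still fires.
    for label, trace in [("suspicious", SUSPICIOUS_TRACE),
                         ("backup tool", BACKUP_TOOL_TRACE),
                         ("benign", BENIGN_TRACE)]:
        print(label, heuristic_scan(trace))
```

The backup-tool trace shows why the score is compared to a threshold: encryption on its own is common in legitimate software and should not be enough to flag a program.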

"What should I do?"

"An ounce of prevention is worth a pound of cure".

Creative Commons License This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 License.

Last modified: Friday, November 20, 2020, 7:40 AM