Can Cyber-Security Software Do It All? What Responsibilities Rest With the Users?
If you’ve been following my column for some time, you know that we’re a big-time soccer family. (If you don’t like the game of soccer or don’t have children who play soccer, I encourage you to read on and simply replace soccer with any other sport, boy/girl scouts, band, school, or any other activity that your kids are actively involved in.)
As parents of three young soccer stars (what else would you expect a proud daddy to say?!), it can be an exhausting and daunting task getting the kids prepped and ready to go, and out the door to where they need to be for each practice or game. Have you ever shown up at the wrong time or location due to schedules starting to blend together or a last-minute change to the schedule that was only given over email (are we seriously expected to be glued to our devices every second!)? How about having a child show up (correctly, mind you!) to a game in their Home jersey only to find out that there is a jersey conflict with the opposing team and the Away jersey is to be worn. The only problem is, you didn’t pack that jersey. Or another fun one I like dealing with: having your son or daughter tell you that they’re starving and haven’t eaten anything all day–minutes before getting to the field? And my personal favorite: when you ask your child to stay hydrated and drink plenty of water during the game because it is a 90-degree day and they turn to you and say, “I don’t have my water bottle, did you pack it?” (When you went through the hassle of searching out the water bottle, filling it and even putting it next to their bag for them to pack). I hope you are getting the point here. It is truly amazing that even after hundreds (and likely thousands) of practices and games, my wife and I are still dumbfounded by how often “we” fail at perfecting our pre-game/practice ritual and adequately fulfilling the myriad of soccer needs for our children. I hope you sense the sarcasm because are “we” (as parents) always really at fault here? At what point does (some of) the responsibility shift from us to them?
As the owner of a successful antivirus/endpoint security software company (Thirtyseven4), I feel the who’s-to-blame game of responsibility parallels my family’s soccer life in many ways. That is, when it comes to protecting your systems and devices against all the latest malware, ransomware, vulnerabilities and other cyber-attacks, what responsibilities rest with the user, and what responsibilities rest with the developer?
In my professional opinion, the following responsibilities lie with an anti-virus software developer like Thirtyseven4:
1. To develop Endpoint Security (antivirus/antimalware) products with the latest cutting-edge technologies. The responsibility here is to stay ahead of cyber criminals, and to create features within our solutions that offer our customers the very best in protection. We can do this by closely analyzing the current and upcoming criminal trends in the industry and combating them. Not only must our solutions stay ahead of the curve, but we also own the responsibility of developing reliable and stable products.
2. To enhance existing features. Unlike 95% of the software business, the antivirus industry changes daily, and by the minute (second!) at times. Cutting-edge security features developed today may already be obsolete tomorrow. Cyber criminals are relentless in their hostile pursuit against you. As an organization, we have the responsibility of continually improving our settings and features against the latest emerging threats.
3. Fixing bugs as and when they’re found. While, as a company, we go to extreme lengths to put our solutions through rigorous quality control testing, software, by definition, is imperfect. We owe it to our customers to address any discovered issue in a timely manner, and we make it our business to correct and update quickly and effectively.
4. Keeping our solutions up-to-date to combat all the latest malware. To take on this responsibility, Thirtyseven4 has both domestic and international virus labs located around the world where there is 24/7 monitoring and utilization of many advanced proprietary techniques to scan the Internet, quickly identifying the latest risks out there. On any given day, Thirtyseven4 is updating for 10,000 – 20,000 new pieces of malware on all OS platforms (Windows, Mac OS X, Android, etc.).
5. Providing Next-Gen style detection procedures to combat unknown threats. In a previous article, I detailed how Thirtyseven4 uses its own industry-leading Machine-Learned / Artificial Intelligence (AI) to proactively protect its users against Zero-Day and unknown/suspicious threats. A link to that article can be found here (http://www.thirtyseven4.com/malicious-or-not-malicious-that-is-the-real-time-question/). We work very hard to stay one technological step ahead of the bad guys.
6. Even with a 99.999% success rate against malware threats given our high-level malware monitoring and our AI-style technologies, there is always a possibility of something slipping past our multiple filtering systems. That being the case, the anti-virus industry must also shoulder the responsibility of providing immediate and quick resolutions to outbreaks. It is also worth noting that there is much more to it than simply updating for a new threat, as there is also a quality control piece to each update, including scripting and forwarding updates to all software so that the identified strain does not affect or cause vulnerabilities for anyone else.
These are a few things that I see as our responsibility as security software developers. With all that, what responsibilities would I say lie with the end user?
1. Use genuine applications & operating systems. If you are downloading and installing hacked or cracked pieces of software because they’re free, you are playing with fire.
2. Keep all applications and operating systems up-to-date. There are thousands of security vulnerabilities and exploits out there involving Windows, Apple, Java, Adobe, etc., and most Zero-Day style threats capitalize on available software vulnerabilities. You can look to the WannaCry ransomware scare one year ago as a great example (over 250,000 systems infected!). A properly patched system would have avoided it.
3. Install strong and genuine antivirus software & keep its virus definitions up-to-date all the time. We, here at Thirtyseven4, can develop the most secure solution on the market and be on top of all the latest threats, but if the antivirus gets disabled or removed for any reason or a user isn’t making sure it is receiving the daily updates, it means nothing.
4. Keep strong passwords for systems & applications. Many of the recent cyber attacks now target systems directly via brute-force style attacks, cracking weak or easily guessed passwords. Once an attacker has access to a system, they can disable the antivirus software, etc. This leads to another point: keep your security software settings password protected (with strong passwords!) as well.
5. Avoid installing applications downloaded through unknown sources. Instead, visit legitimate websites directly (rather than through search engine searches, due to SEO poisoning possibilities).
6. Use caution when opening and downloading attachments originating from unknown sources.
7. Avoid clicking on any unknown URL arriving in your inbox.
8. When Thirtyseven4 (or your AV software of choice) successfully detects an unknown threat, do not exclude or allow that suspicious activity because you feel it is harmless. Things aren’t always what they appear to be. Contact your vendor first.
9. Disable Remote Desktop if it is not in use. See #4. Instead of cracking weak passwords, brute-force style attacks also seek open/available RDP ports.
10. Arguably the most important: Keep regular backups of all your important data.
There are black and white areas of responsibility for AV developers for sure. Things only we can do, and we are called to do to keep the public safe. Parents have responsibility roles that are clear as well. They may shift as kids grow and mature…and as we empower them to assume their own responsibilities. But keeping children safe, fed and loved—these responsibilities don’t change.
Thirtyseven4 can be a responsible parent but we also need responsible children. We can do our best to prepare you and combat these threats, but we need user intervention at times to make sure everything is carried out. If your system gets infected because weak passwords were configured, or you felt it was too big of a hassle to maintain Windows updates, who is at fault? The parent or the end user (child)? We share the burden placed on us by cyber thugs, but only together can we be successful.
We have “prepped the soccer bag”, so to speak. Laid out what needs to be used to be kept safe. But we need your help as end-users. Don’t forget to use all the tools in the bag! We are on the same team! Let’s work together to play hard against our cyber opponents!