Some Thoughts for Millennials that Diss Antivirus

My generation can get awfully snarky about antivirus: go on reddit, search for the topic, and you’ll find some arrogant responses along the lines of “antivirus is just adware and all I need is Malwarebytes”.

Well hey, good for you, and Malwarebytes is great (I use it too). But we millennials have a harder time remembering what the internet was like before AV came along, a time when any email or misclicked website could brick your computer. Now with the rise of ransomware and targeted attacks putting entire devices at risk once more, we have somehow resorted to blaming antivirus for not being effective enough at blocking these attacks. It’s unfair and short-sighted, and the popularity of the “AV is unnecessary” trend remains perpetually premature.

There are two things in play here. The first is something I’ve explored before: the term “antivirus” is overly non-specific in 2015. I have antivirus on all of my devices, but it is not necessarily “anti-virus” in that it merely blocks viruses. It is anti-malware in that it blocks viruses, Trojans, adware, and other threats, while also handling my backup, encryption, and app security. It’s impossible to argue that “antivirus is or isn’t effective” when different people are talking about twenty different things. When I say “antivirus”, I mean the complete suite of antimalware products that is now the standard offering from traditional “antivirus” vendors like Symantec, McAfee, Trend Micro and others for both traditional and mobile devices. The point is that no one is selling strictly “antivirus-only” software these days. The term "antivirus" isn’t ideal, but we are stuck with it. Millennials are not big on acknowledging/understanding the differences, which is part of the problem.

The second problem with this broad characterization is that the world continues to sleep on the true root cause of successful malware attacks. I was at the Trend Insight conference last week, and they reiterated the oft-used statistic that 90% of successful attacks begin with a targeted attack followed by end-user error. 90 percent. The implication is that only 10% of attacks come as a result of a virus, Trojan, or other threat that has been randomly sprayed across the internet. Instead, the vast majority come as a result of the user making a mistake stemming from an intentionally targeted attack. This is why I have such a hard time listening when people blame antivirus for not being effective enough: antivirus programs, by and large, are there to protect you from that 10% of danger that you will never even see.

But if something is placed in front of you? Say, a spoofed email from your “bank” that comes from as opposed to that asks you to open an attachment? That is the type of issue that very few programs -- and almost no consumer-grade programs -- will ever be able to stop you from opening. Opening an attachment from a spoof address because they used your name and it looks official is an understandable mistake; blaming security software designed for a completely different type of threat is not an understandable response. And most antivirus vendors offer backup options to boot, just in case this does happen. It’s not their fault if you decide not to use them.

As with most security blogs from the beginning of time, I suppose my point is that end-users have a tendency to blame security programs and protocols for their own mistakes. AV vendors learned a long time ago that alert fatigue is a killer, and most consumers are happy not knowing what goes on behind the scenes. Pair this with the fact that Windows Defender has become much more competent than it was ten years ago, and you can begin to understand why we think we don’t need AV. But for the people on reddit who claim that “if you’re just smart you don’t need antivirus”, remember that you are in a bit of an echo chamber. You are the 1%. For the rest of the world, my aunts and uncles, my grandparents, or my children? I’m loading them up with antivirus, because taking that variable out of the equation remains the obviously smart move right now and for the foreseeable future. Targeted attacks are my primary focus, and I’m not trying to fight a war on multiple fronts. I’ll continue to let the AV programs handle that 10%. It’s fun to be snarky; it’s smart to be safe.
