In June, the US Department of Commerce announced a ban on Kaspersky software.As of September 29, Kaspersky will no longer be able to provide antivirus signature updates and code updates for banned products to customers in the United States, according to ZDNET’s Lance Whitney.
Also: Have you received a fake McAfee or Norton invoice? How does this scam work?
When I read the news, I was as shocked as anyone. Did someone accidentally push a button that took us back to 1999? Are people still paying for third-party antivirus software?
It seems like everyone does, but good luck finding reliable information on the antivirus market in 2024. Most of the data I’ve been able to uncover comes from the aforementioned software developers, which aren’t the most reliable sources.
Antivirus software by numbers
ONE recent survey by Security.org has come up with some numbers for the US market that seem credible. That survey said about 54% of Americans use the default antivirus protection that comes with their devices, while 46% use third-party antivirus programs.
Also: Has your Social Security number been leaked on the dark web? Use this tool to find out
But of those who installed additional protection, just over half (33 million households) paid for the privilege. Norton and McAfee accounted for 52 percent of paying customers, while Kaspersky had just 4 percent of the market. If those numbers are accurate, 1.3 million Americans could be asking Kaspersky for a refund by the end of the year.
And here’s the part that caught my attention in that report:
Older Americans are significantly more likely to use third-party antivirus software and pay for the software. Those over 65 are twice as likely to subscribe to a paid antivirus service as those under 45.
Full disclosure here: I’m in the over-65 demographic, with gray hair, and I haven’t used third-party antivirus software in decades. But my gray-haired friends still pay. Why? For the same reason they still use checkbooks. It’s what they grew up with, and it makes them feel comfortable.
This is also a huge waste of money.
How to Protect Your Technology in 2024
Regardless of what kind of device we’re talking about here, you’ll probably be fine with the default protection that comes as part of the platform. On mobile devices (iOS or Android), that means the app store that the operating system developer maintains. On Macs, XProtect anti-malware technology has been around for over a decade and is effective against mainstream threats.
Also: Why the NSA recommends you turn off your phone once a week
What about Windows? Well, Microsoft Defender Antivirus, which comes built into every Windows PC, regularly passes tests from third-party labs that measure the effectiveness of security software. The upgrade started about seven years ago, and Microsoft’s solution has regularly score between 99% and 100% since then, making it as effective as third-party competitors, whether free or paid.
And even that result doesn’t tell the whole story.
At the beginning of the 21st century, when the Windows PC landscape was at its wildest and most chaotic, most malware arrived on people’s PCs as email attachments or over the network. Today, those vectors have been effectively closed. Automatic updates protect against newly discovered vulnerabilities. Your modern email client blocks all types of executable attachments, including script-based ones. And network firewalls have come a long way since (check calendar) 2002. And recent testing shows that Microsoft Defender is effective in blocking all the most common attack vectors because ransomware and information thieves.
Also: How to Use Public Wi-Fi Safely: 5 Things to Know Before Connecting
On average, a modern antivirus application blocks 99.2% of the very few threats that make it past other layers of protection. And even then, your instincts (“Don’t click that link!”) are effective. This is why modern, fully patched consumer PCs aren’t really the target of the criminal gangs responsible for modern malware.
Main objectives
Most attacks are launched by sophisticated criminal gangs and target businesses, using vulnerabilities that are more likely to reside in third-party software than in the operating system itself. Russian hackers used SolarWinds management software to hack Microsoft and other high-value targets. A widely used application called MOVEfrom Progress Software, is exploited in a breach affecting thousands of major companies and government agencies last year, and one new vulnerability was reported in June.
Shell, British Airways, the BBC, and the Canadian province of Nova Scotia were victims of the MOVEit attack, not random PC users. Today, major cybercriminals are focused on that type of target. A signature-based antivirus application won’t provide protection against those targeted attacks. Instead, IT departments in large organizations need sophisticated network-based software that allows administrators to monitor for signs of intrusion in real time.
Also: How to upgrade your ‘incompatible’ Windows 10 PC to Windows 11
Small-time users are pretty well protected by default security measures, largely because determined attackers don’t see any financial benefit in targeting such small-time victims. If you’re still paying for Norton, McAfee, or Kaspersky for antivirus protection on your home PC, it’s time to let that subscription expire. But if your workplace IT department says they want you to install an endpoint monitoring application, believe them.
Just make sure it’s not from Kaspersky.
This article was originally published on July 1, 2024 and was last updated on August 26, 2024.
