Choosing an antivirus solution

The choice of an antivirus product (if we disregard the issue of cost) depends on the quality requirements placed on it. If the Internet is not used very actively, only trusted websites from a limited list are visited, correspondence is limited to a small number of people, there are not tons of spam, and new programs are not downloaded from the Internet, then the requirements for antivirus protection can be minimal.

Otherwise, if the network is used extensively, the volume of email is high, and search services are used on a regular basis, the requirements for the quality and functionality of antivirus protection are much higher.

Reliability and usability are the most important criteria, as even the ‘absolute antivirus’ might prove to be absolutely useless if it conflicts with the system, severely reduces its performance or “hangs” from time to time. If an antivirus requires special skills that most ordinary users lack, it will be too difficult to use. The ordinary user will simply ignore its messages and randomly click «Yes» or «No», depending on which is closer to the cursor. And if an antivirus asks the ordinary user difficult questions, the user will most probably disable the program, if not delete it from the system. If a corporate antivirus version does not have the features required to administer the company’s network, most system administrators will choose a product that is less secure but more convenient.

Comprehensive protection is the second critically important criterion. All areas of the computer, all types of files and all network elements that could potentially be attacked by a virus have to be under constant protection. The program should be able to detect malicious code and protect all channels of possible intrusion (e-mail, WWW, FTP, etc.) leading into the computer and the network.

Quality of protection is the third key criterion. Even the most sophisticated antivirus is of no use if it is unable to provide the required level of protection from malicious programs. Antivirus products have to withstand a rather aggressive environment that is constantly developing: new viruses, worms and Trojans often become much more complex than their previous versions.

Protection quality is made up of the following features: the level of detection of malicious programs, the frequency and regularity of updates, the ability to remove virus code from the system properly, resource consumption, the possibility of double protection by systems from different manufacturers, and the ability to protect not only against known viruses and Trojans but also against new ones.

