The cure for the common computer virus: application control

A recent study found that application control tools were more effective and used fewer resources than antivirus software.

The computer virus was once public enemy number one in the cybersecurity field. The threat was so ubiquitous, “virus” become an interchangeable term with malware for many people. However, hackers have dropped that cyberweapon in favor of other forms of malware in recent years. Tools and tactics such as exploit kits, spear phishing and distributed-denial-of-service attacks have provided cybercriminals with malware that was better equipped to address modern cybersecurity defenses.

Meanwhile, the virus fell behind the times and quickly became an outdated and rarely used resource. With the spread of constant, high-speed network connections, other forms of malware sprang up that could self-propagate at a much quicker rate than the old standby. Furthermore, hackers have increasingly favored stealth behavior in their malware, allowing programs to lurk within a system, undetected for months and sometimes even years at a time, while relaying data back to the criminal. Viruses, by their very nature, are incapable of achieving this functionality as they will quickly attempt to infect a large number of files upon breaching a system. The resulting loss of performance and operability will tip off even the most oblivious user to the virus’ presence.

The return of the virus
A recent cybersecurity report, however, found that the computer virus has made a comeback in certain parts of the world. While its prevalence remains low in technologically mature markets such as North America and Western Europe, large numbers of viruses have been detected in emerging broadband markets including Central Asia and Africa. Pakistan currently leads the world in virus rates with 44 percent of its systems reportedly showing signs of infection. Indonesia, Ethiopia, Bangladesh and Somalia round out the top five. Researchers believe one of the main reasons for the prevalence of viruses in these nations is their low broadband penetration rates. Their slow bandwidth speeds make viruses a useful tool for hackers in those regions.

Historically, users have deployed antivirus measures to combat these threats, but this defensive measure has its share of flaws. Although these programs can quickly remove malicious software if it can be identified, some antivirus tools may fail to notice an unknown or recently released program. A more potent solution is the use of application control software. Instead of blocking recognized threats, whitelisting tools only allow known and authorized programs to launching on a system. This way, users can avoid infections and the damage they wreak on a computer.

Application control goes head-to-head with antivirus
Researchers recently put application control software up against several popular antivirus programs and found that the whitelisting tools outperformed their rivals in nearly every category. On average, the application control program was able to block 48 percent more zero day viruses than the tested antivirus software. Furthermore, the whitelisting tools placed much less strain on the system when completing their tasks.

In addition, when compared to antivirus programs, application control used 29 percent fewer CPU resources. This means that whitelisting programs have a far less noticeable impact on the performance of a machine. In contrast, antivirus software could significantly slow down the processing speed of a computer while providing less comprehensive security coverage.

The study’s researchers concluded that whitelisting and application control technology presented a viable alternative to antivirus defensive measures. They estimated that businesses could save as much as $1 million over a span of three years by using these tools to either supplement or replace existing antivirus software.

“These new test results show IT can consider running reducing the frequency of [antivirus] scans and, in widespread virtual environments, even consider reducing the number of [antivirus] installations and replacing it with Application Control,” C. Edward Brice, a member of the cybersecurity industry said. “Organizations will still maintain maximum endpoint security effectiveness while increasing overall operational efficiency.”

Interested in some more tips? Check out these 10 tips to help fend off malware on computer systems in your enterprise.

Scott Cornell

When he’s not knee deep in blogging and all things tech, Scott spends his free time playing ultimate Frisbee and watching foreign films. An expert in emerging tech trends, Scott always has his ear to ground for breaking news related to IT security.