A polymorphic virus has the capability of changing its own code, enabling it to have many different variants, making it harder for antivirus software to detect.
Why is it so scary? it can change itself, usually virus scanners can’t pick it up because there are so many different forms or versions of it.
Simply put, a virus can be an application or an actual string of code that intends to poison software. Viruses can affect code the same way that they can affect human beings. You catch a virus, it spreads, and your sick. All it takes to get into your system is to “catch” it. Once the virus gets in it can and will spread to multiple segments of your system or code.
One example of a virus is a Polymorphic Virus. This particular type of computer virus is amongst the most complicated because it duplicates/recreates itself and is also self-encrypted. While most of us are using AntiVirus (AVR) software to detect these types of intrusions, this virus can completely bypass your scanner because of the creation of itself in multiple variants.
What is the best approach for protection?
While it is highly recommended that you employ some type of AVR (Anti-Virus Removal) in your network, there is a bigger picture approach that will help “stave” off these malicious code attacks. Think in terms of Layered Security, what else can you do besides JUST having a virus scanner? Have you considered utilizing Antimalware as well? Yes, AVR scans for viruses, but Antimalware is actually designed to defend against actual malware attacks (malicious code attacks), what about Threat Detection? Do you have Email Security? Just some food for thought.
No comments:
Post a Comment