Sophos warns against antivirus dependence

While viruses are an important threat, companies need to take a wider view of security, according to the antivirus firm

Security vendor Sophos has warned companies not to rely on antivirus software to protect their IT infrastructure and systems.

Speaking at the Information Systems Security Association conference in London on Thursday, Vanja Svajcer, senior virus researcher for Sophos, said companies should also look to alternative technologies and procedures to ensure their IT assets are secure.

Svajcer said: "I always say, 'Do not rely on antivirus software.' The problem is we have to see a virus before we can detect it. If antivirus is in place, it may not detect [a virus] because it may be very targeted for you."

Svajcer added that virus writers are becoming more precise with malware attacks but most people only pay attention to email viruses. Viruses that give hackers access to compromised computers, otherwise known as bots, were a hidden problem, he explained.

"Most people know about email viruses as they get more coverage. But bots are running under the radar. People are not really aware there are so many," he said.

Virus writers are expected to improve the resilience of botnets in the next year, he said, as currently they are often easy to take offline by shutting down the controlling IRC server.

One hope on the horizon, according to Svajcer, is that most antivirus vendors are looking to improve the generic detection for viruses, which would help to stop the spread of tailor-made malware.