CrowdStrike Highlights the Dangers of 'Security' Software

It can cause more harm than good

  • CrowdStrike shows the havoc that can be wreaked by supposed security software. 
  • Most people don't need third-party antivirus software.
  • Most modern-day threats are aimed at exploiting humans, not computers. 

CrowdStrike, the security software that took down much of the business world last Friday, shows that for most of us, running antivirus software is a bad idea.

On Friday morning, CrowdStrike pushed a bad software update to millions of computers that rely on its security software to protect from malware and cyber attacks, the kinds of attacks that could take their systems offline. Except the update did exactly that, and millions of Windows computers got stuck on the Blue Screen of Death, aka the BSOD. Payment systems, airline scheduling networks, and more, all broken because of an automatic update from a single vendor. And while security software might still be essential for corporate networks, this disaster offers a glimpse at the huge downsides of relying on software for your security and why most people shouldn't bother.

"I think if you don’t know what you’re doing […], you’re better off without an AV suite. AV suites tend to have privacy and security issues such as data collection, system vulnerabilities, and performance slowdowns. Instead, users can utilize built-in security features like Windows Defender," Craig Boyle, co-founder of IT company MSP Blueshift, told Lifewire via email.

Anti-Security

Antivirus software on your personal computer isn't just pointless; it could be actively detrimental to your cybersafety. Yes, cybersafety. First of all, your computer already looks for viruses and malware. Both macOS and Windows scan software to make sure it's not up to anything nasty. By default, the Mac won't even open an app that hasn't already been notarized and pre-checked by Apple.

Meanwhile, the risks of modern malware go way beyond viruses on your computer, and the delivery methods are way more sophisticated. Because computer security is so good, security exploits focus on the weakest link in the fence—you, the human. Phishing attacks and other kinds of social engineering try to trick us into giving away secrets by clicking on links to cloned websites, for example.

"We have moved beyond the days when computer viruses merely corrupted files. Now, we face sophisticated threats that combine social engineering with malicious software, aiming to do far more than just damage your computer,"

Third-party security software brings its own problems. One is that the constant scanning of the computer can seriously impair performance, slowing your computer to a crawl. You also now have to trust two vendors—the maker of your computer and the maker of the virus software, which has—by design—access to everything on your device.

Does that sound paranoid? Then check this out. A couple of years ago, antivirus vendor Norton installed cryptocurrency-mining software on your computer as a part of its Antivirus suite.

Downsides

And even if the vendor is legit, those deep hooks into the system can cause their own problems, as we just saw with CrowdStrike. Microsoft doesn't provide an approved, supported way for security app vendors to safely connect to your computer, so the developers of this software have to hook it into the computer's kernel, which is the very deepest part of the operating system. Anything that goes wrong in the kernel can spell disaster.

But perhaps the biggest argument against antivirus and anti-malware software for individuals is that it makes you complacent. If you feel that your computer is protected, you may be less likely to check that emailed link before clicking it. You might go ahead and install that cheap app without first researching the developer behind it. You might plug any old USB accessory into your computer without knowing where it came from.

It's not that malware, spyware, and ransomware aren't a problem. They're a huge problem. It's just that installing always-running software from a company you cannot vet that hooks itself into the deepest parts of your computer might not be the best way to counter it.

Instead of relying on hard-to-trust software to keep you safe, you're going to have to do some of the work yourself. Get to know what your Mac or PC's built-in security does. Avoid third-party security software unless you know why you need it, and make sure you know how to avoid phishing and other scams. And instead of spending money on antivirus suites that want to use your computer to mine crypto, spend it on a good backup strategy so that if the worst does happen, you can recover quickly and easily.
