Major Antivirus providers hacked, May 2019

Traditional Anti-Virus Failure

On May 9th, 2019 it was announced by the security company AdvIntel that 3 of the major antivirus software vendors, Symantec, Trendmicro & McAfee have been compromised. These giants make up 25% of the antivirus (AV) market and account for hundreds of millions of machines worldwide. The information security company AdvIntel reports that a hacker group named “Fxmsp” is selling the source code and network access to these compromised AV networks for $300,000 and presents strong proof of its claim.

A Better strategy is Containment

Containment based security software remains unaffected. Comodo built the world’s only Containment technology that has been battle tested on thousands of enterprise networks! Containment is “the action of keeping something harmful under control or within limits”. This technology, also referred to as a “Sandboxing” or “Virtualization”, protects your real system files by running unknown executables against disposable copies. If your executable begins affecting system files and folders, then the sandbox is destroyed and the malicious code along with it.

ICT uses Containment and More

Since a recent major infrastructure upgrade, ICT support clients can be assured that their Antivirus strategy is Containment. Our software has remained the #1 ranked security and antivirus software for enterprise security. Our configuration includes host intrusion protection, antivirus scanning, and automatic containment. This security first approach prevents a wide variety of attacks including Trojans, Spyware, Rootkits, Crypto-Lockers, Man-in-the-middle attack, and yet unknown attacks.

More about Auto-Containment

Containment is automatic for all new and unrecognized files with the ICT configuration for medical IT support. If you run a new file you may see a popup in the lower right-hand corner. This is Auto-Containment asking if you would like to allow this software to modify your system files. This image is an example of a virus being auto-contained and nothing needs to be done. If you are unsure about this file, then please contact your system administrator. If you have a known safe file and it is providing this warning, then click “Don’t Isolate It Again”.

Containment is automatic but you can run any programs inside a contained environment. The changes you make will not be saved! Here is how:

• Right click on any program that you want to run inside a sandbox.
• Select “Run in COMODO container” from the right-click context menu.
• The program run inside the container will have a green border to distinguish it.

Conclusion

Containers are a proven method to prevent a wide variety of attacks from affecting your computer. It is important for business owners, especially HIPAA covered medical offices to use the latest in IT security software. Traditional Antivirus security can never compare to the layered approach of Containers. Lastly, many people affected by this breach have learned a lesson that a “free” antivirus or security solution isn’t free when a breach occurs.

References:

• https://arstechnica.com/information-technology/2019/05/hackers-breached-3-us-antivirus-companies-researchers-reveal/
• https://www.alalper.net/traditional-antivirus-breached/
• https://www.trishtech.com/2019/01/how-to-use-comodo-container-to-run-programs-in-a-sandbox/
• https://www.infinitepc.net/2019/04/25/security-practice-password-managers/