Why Antivirus Software Didn’t Save The New York Times

February 01, 2013 by in tips

timehacked

Why Antivirus Software Didn’t Save The New York Times

There is a booming industry that sells computer security products to consumers and businesses. But antivirus companies have a problem: Their software often can’t prevent hackers from breaking into your computer and snooping around.

The New York Times was the latest victim to discover the limitations of antivirus software. The Times revealed Wednesday night that Chinese hackers had gained entry into its computer network for four months in hopes of identifying a reporter’s sources for an investigation into the business dealings of relatives of China’s prime minister.

The Times’ antivirus vendor, Symantec, did little to stop the hackers, the paper said. Of the 45 different kind of malicious software — or malware — the hackers used in their attack, Symantec only detected one of them.

The finding raises questions about the effectiveness of the $7.4 billion antivirus industry. Experts say antivirus software is failing to keep pace with the innovative methods used by sophisticated hackers like those from China.
Huffington Post | Gerry Smith | 1/31/2013

More information:

Hackers in China Attacked The Times for Last 4 Months | NY Times | 1/30/2013

Symantec After New York Times Attack Says Antivirus Isn’t Enough | Bloomberg | 1/31/2013

Symantec to NYT: Chinese Hack Not Our Fault | cnbc.com | 2/1/2013

The Pit Crew

About The Pit Crew

PC Pitstop's Pit Crew is committed to providing you with the information you need to keep your PC safe and running like new.

6 Responses to Why Antivirus Software Didn’t Save The New York Times

  1. Zwelami NickOftime Tshabalala says:

    Iv never really trusted Symantec for whatever reason… an antivirus alone wont protect u….. atleast have a running third party firewall running as well.


  2. Ah. Professional hackers working for the Chinese government were able to bypass a consumer level antivirus program. How shocking. And you think that's reason to diss the entire industry in general and Symantec in particular? Never mind that antivirus programs stop thousands of malware programs around the world daily. Only the failures matter, it seems. Norton didn't stop government level professionals, so the entire industry is a failure and a waste of money.

    Sheesh. Be nice if you guys got a dose of perspective.


  3. Victor Whitepaw says:

    This is the reason I shot down Symantec 4 years ago when a client wanted to switched to them. I found them back then already lacking when it came to viruses and threats.
    I however agree with the article that anti-virus software is not keeping up with changes. The time has changed and AV software needs to get smarter. The new viruses does not have a signature like the conventual virus so a definition file would most likely not even see the virus.
    Also, at a Black Hat conference about 7 years ago it was warned. People must stop thinking that a work network is safe. Implement a solution as if your machine is on the internet, regardless of where it is connected. This goes for servers on the network also. Setup your firewalls on the machines correctly. Don't just disable it.


    • Dave Chapman says:

      Most all AV companies have not relied solely on signature database detection for the better part of a decade already, and NONE of the major AV companies rely solely on sig DB's anymore. There are various levels of other protections available to them with most AV s'ware, users also have to get smarter and use them properly and also stop falling for social hacking methods. This article is misleading as the NYTimes computers were hacked because of user stupidity with the Times computers. If a user is tricked into ALLOWING an exploit into the system, it's allot harder for security products to flag it but the good ones will catch it with heuristic methods and/or by flagging non-standard actions being done from that computer or network.


  4. looks like I'm going to be busy.


  5. Steve Murphy says:

    The NYT only had virus signature component of the Symantec software enabled:

    http://investor.symantec.com/phoenix.zhtml?c=89422&p=irol-newsArticle&ID=1779762&highlight=


Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Scan with PC Matic

Sign up for our FREE Newsletter

Our weekly newsletter is packed with computer tips & tricks.
As a bonus, receive monthly emails with exclusive offers.

Which device is the most important to you?

View Results

Loading ... Loading ...


Contributors