I'm curious about this because of a recent article that I just read ("Internet Security Fail
"). This is what disturbs me the most in the article:
"The truth is, consumer-grade antivirus products can’t protect against targeted malware created by well-resourced nation-states with bulging budgets. They can protect you against run-of-the-mill malware: banking trojans, keystroke loggers and e-mail worms. But targeted attacks like these go to great lengths to avoid antivirus products on purpose. And the zero-day exploits used in these attacks are unknown to antivirus companies by definition. As far as we can tell, before releasing their malicious codes to attack victims, the attackers tested them against all of the relevant antivirus products on the market to make sure that the malware wouldn’t be detected. They have unlimited time to perfect their attacks. It’s not a fair war between the attackers and the defenders when the attackers have access to our weapons."
So, the operative word here is "targeted
malware". It's one thing to exploit anti-virus software, but another to actually get inside a computer's security perimeter. The majority of infections are caused by an unsuspected payload getting onto a computer and then eventually being executed, or somebody clicking on a website icon/link and accepting the invitation to execute. The anti-virus software is the last line of defense (discounting other intrinsic protections like hardware DEP). But what about hackers that are out there, trying to punch holes through computer firewalls at random? Is Windows Firewall, in combination with your ISP, cable modem, and wireless router security, enough to protect against direct malicious attacks like that? I would venture to say that the home user is pretty well off the radar of hackers and that it's only large institutions whose servers are connected to the Internet 24x7 that are really at risk. But then, there's the matter of hacker apprentices who may port scan
the IP address ranges just hoping to find something vulnerable to start poking around at, as a practice test... right? Or have things improved enough to prevent such activities?
My main curiosity is to know if your "Internet footprint" is of any consequence. If I'm away from my computer for a good stretch, is there any benefit to turning off the Internet connection? Or should I never worry about that?