In the face of this ever-present threat, computer security firms have made billions of dollars selling anti-virus software to consumers.
The major problem, says Concordia’s Mannan, is that anti-virus software is by nature reactive, which means that it responds to specific malware after it has been distributed. Should a malware writer change a few lines of code, however, that anti-virus solution suddenly becomes obsolete.
It’s the sheer number of malware variations that makes it impossible for anti-virus software to effectively combat the problem, says Mannan. To illustrate this, he points to the Storm botnet of 2007, a sophisticated piece of malware that affected millions of computers worldwide and generated 8,000 variations of itself every day.
“How many updates or variants are you going to catch, if you’re an anti-virus company?” Mannan asks.