Antivirus tools are the aircraft flotation devices of PCs: They give you a false sense of security.
Despite efforts by security companies to thwart cyber-attacks, hackers keep finding new ways into unsuspecting people’s computers and systems.
That’s why Microsoft is adding a new feature to its Windows Defender line of anti-hacking tools: When hackers do get in, Microsoft will help customers identify the attacks and stop them before they spread.
Windows Defender Advanced Threat Protection isn’t admitting defeat, per se. But it’s taking an important step towards coping with reality: Your system is going to get hacked, and you’d better be prepared when it does.
Microsoft says the new tool analyzes information from more than 1 billion Windows devices, 2.5 trillion websites and 1 million suspicious files. When it senses an attack happening to one of its customers, Microsoft will send a notification.
For example, the tool might detect that a suspicious IP address is trying to connect with a device on a customer’s network, and the IT guy will get an alert.
But Windows Defender ATP will also use that intelligence to alert other customers whose systems appear to be suffering from a similar attack too.
Advanced detection is crucial. Microsoft said it takes corporate customers 200 days on average to detect a security breach and 80 days to contain it. That average cost is $12 million per cyber-attack.
“There will always be this possibility of attack,” said Terry Myerson, Microsoft’s Windows chief. “Instead of taking 200 days to detect, this could catch attacks very quickly.”
Windows Defender ATP is available for corporate customers who have deployed Windows 10 on their PCs.
Microsoft is trying to pitch Windows 10 as a necessary upgrade for any organization concerned about security. The Windows Defender ATP announcement comes a couple weeks after Microsoft revealed that all 4 million of the Pentagon’s PCs will be upgraded to Windows 10 within the next 12 months.