Today, most people use their devices to connect to the internet. But if you happen to not use the internet on any given device, such as a tablet or laptop, do you still need antivirus software, or is this a waste of money?

Online Cyberattacks

laptop with phishing icon on matrix background

There's no denying that online cyberattacks are more common than offline attacks. The age of the internet has opened a door for threat actors looking to exploit unknowing victims, be it for data theft, remote access, spying, or otherwise

The most common online cybercrimes are phishing, malware attacks, Denial of Service (DoS) attacks, and Man-in-the-Middle (MitM) attacks.

All these cybercrime methods can be incredibly damaging. There are numerous kinds of malware out there, many of which are getting more sophisticated by the year. Phishing attacks are also becoming harder to sniff out. As antivirus software improves and people's knowledge of cybercrime develops, criminals need more advanced ways of accessing devices and data.

But things don't stop at online attacks. Offline attacks can be just as dangerous.

What Are Offline Cyberattacks?

photo of various hardware input devices

A popular method of offline malware infection is using a flash drive. Flash drives can be equipped with malware, which will then infect any device it is plugged into. If you're using your device in a public place, or at work, it becomes that much easier for an attacker to infect your device using a flash drive if you happen to leave it unsupervised for a few minutes.

Threat actors use flash drives to infect devices for various reasons, such as for remote access and data theft. An infected USB can also trigger an electrical charge that can severely damage the hardware on your device, frequently beyond repair. Attackers will often disguise malicious programs as benign files so that the victim will click on them without a second thought. Once this is done, the malware is able to get to work.

A flash drive may also be used for HID (Human Interface Device) spoofing. In such an attack, the flash drive will be installed with a program that tricks your computer into thinking that it is attached to an external keyboard (which is itself a HID). Keystrokes are then used to infect the device with malware. HID spoofing is often used to execute commands without the device owner's consent.

Take StuxNet, for example. Discovered in 2010, this computer worm could infiltrate and infect offline networks and mainly focused on targeting Iran's nuclear program. StuxNet could infect a device via a simple USB stick and was even able to stay under the radar of security tools using a rootkit.

This is why you should never plug any random flash drive into your device. Even if you think it can be trusted, if it isn't brand new, it may be infected with malicious programs.

Devices can also be infected through juice jacking, an attack that involves infecting ports and cables at public charging stations via the data transfer pins of the USB connection. If you're a regular user of public charging stations, you could be exposed to malware attacks regardless of whether your device is connected to the internet or not.

Through juice jacking, your device could be subject to data theft and malware-based attacks. Your device can also be totally disabled, locking you out completely.

Why You Need Antivirus at All Times

computer screen showing security option

Even if you just use your device for drawing, writing, or another offline activity, you're still at risk of being infected with malware.

An antivirus program won't just alert you of malicious programs; it will often quarantine or eradicate them. Though this can't be done with all malware programs, it certainly serves as a strong first line of protection. Many antivirus software programs can work without an internet connection, so this won't be a problem if your device is never online.

On top of this, most antivirus programs provide you with security recommendations to protect your device as much as possible. Even if you think you're on top of security, there may be certain areas that you haven't thought of that are currently acting as vulnerabilities. For example, you may not be protecting your device with a password upon startup.

Antivirus Software Is Crucial

No one really wants to pay for antivirus software. Most of the time, it operates in the background, and we rarely interact with it. But this kind of tool can prove invaluable to your device, both online and offline. So it's always better to be safe than sorry and equip your devices with a trusted antivirus service.