Virus: Any of numerous kinds of very simple organisms smaller than bacteria, often able to cause diseases; fig. poison, source of disease
Program that propagates itself, via disks and electronic networks, to cause disruption
"Virus" - you've only to whisper the word and panic will seed itself in the mind of any computer user. The Latin translation speaks for itself: "poison."
In fact, viruses can generate so much panic that reports of a new virus often spread more rapidly than the virus itself! The flip-side, however, and the clear and present danger, is that a more nonchalant attitude towards the computer virus, generated by the belief that many rumours of viruses devastating computer systems globally are simply propaganda and no more than media hype, is prevailing. It is this very attitude that is responsible for the chaos caused by viruses such as "Melissa" and "The Love Bug."
Awareness, as with anything, is the key! Therefore, in an effort to shed some light on the complexities of the horrible computer virus, I hope to reduce the number of unnecessary casualties that fall prey to these destructive artificial life forms!
Definition
Firstly, let's be clear - what is a computer virus?
A computer virus is a program created for destruction. Man-made for any number of unjustified reasons, the code is written, tested to make sure it spreads properly and then released into cyber-space. It contains instructions that tell a computer to perform actions without the user's consent, such as overwriting your hard drive boot sector, or deleting files and leaving your machine totally defunct. By concealing itself within your files, the virus spreads methodically from one file to another, so that as each contaminated program is opened, the virus is also activated.
Once in a computer's memory, the virus can infect any poor defenceless file it so wishes, including those stored somewhere else on a network and as a result, can spread swiftly across open networks such as the Internet, causing colossal sums of damage in a very short space of time. This means no one is safe, and with over 53,000 viruses now in existence, the probability of receiving a virus over a 12-month period has increased from 1 in 1,000 five years ago to about 1 in 10 today! Ahh, got your attention now have I?
Whilst most viruses are fairly harmless and in truth, are not as prevalent as some would have you believe, there would appear to be some 600+ viruses that are of a totally destructive kind. Therefore, with the risk always there, if you value your data, viruses should not be ignored!
Why me?
As I've said, no one is safe. However, a virus can only be spread if someone activates it! This being the case, should you know someone who's chosen the path of ignorance, hasn't taken the necessary precautions and who's strode on blissfully unaware and activated the wrong file at the wrong time, unfortunately, just through the powers of association, you can be fairly certain there'll be a virus with your name on it heading your way!
A virus is contracted when contaminated files are copied onto a computer, and its code is activated. Running the infected application or opening an infected document activates it, such as opening an email attachment, activating a download, transferring files over a network or sharing infected floppy disks. These files can all too easily be copied and through these many disguises, the virus can spread from one computer to another.
Once opened, the malicious code will then copy itself into a file on the computer's system, where it'll wait to dispense its "payload" - the instructions created by the programmer who designed the virus. The payload will be triggered at a date and time set by the virus writer or upon the action of a specific command performed by the computer user, such as clicking "save" or "open" when working within a program. Simply deleting the host, i.e. the e-mail or download, after you've activated it won't get rid of the virus, since it has already entered the machine. It's quite simply a case of too little too late.
What should you be looking for?
Unfortunately, there are thousands of different viruses, but most at least can be categorized and therefore better understood. Here are a few:
A Macro Virus
This is a very widespread virus affecting Microsoft Office applications, such as Word and Excel and can damage documents and hard disk data. This type of virus is easily passed via an infected document attached to an e-mail.
A Boot Sector Virus
These are spread by hiding on your hard drive or floppy disk. They replace the valid contents of your hard drive with their own infected version and can stop you from being able to boot your hard disk. They are usually spread in error by floppy disks.
A Multipartite Virus
This kind of virus attempts to attack and infect both the boot sector and files. An infected file is used to infect the boot sector and is one case where a boot sector infector could spread across a network, which is not usually possible.
A File Virus
A file virus inserts itself into a file and replaces a key system file on your computer. By infecting applications, and once in the memory, these viruses can reload themselves each time you start up your computer.
A Polymorphic Virus
This is an encrypted virus that hides itself from antivirus software through encrypted data. It changes code whenever it passes to another machine, in theory making it hard for antivirus software to detect.
A Stealth Virus
This type of virus hides itself by making an infected file appear uninfected. Because it tends to hide itself in memory, it's usually detected by antivirus software.
Other bugs
There are several other kinds of unwanted electronic bugs, which strictly speaking are not viruses but termed as "malicious code." The following definitions will help you recognize some of them:
Virus Hoaxes
These are sent as e-mails and usually contain characteristic elements such as advising you to avoid an e-mail with a particular title, suggesting you do not open it and asking you to forward the warning to everyone in your address book. They cause great damage to the Internet because they slow down traffic and clog up e-mail servers.
A Worm
This is a program that can run independently and replicates itself as it spreads from machine to machine through computer networks. Taking up storage and slowing the computer down as it goes, it does not itself delete or alter files but may carry code that does. The I LOVE YOU virus was a classic example of a worm.
A Trojan Horse
This is an awful program designed to carry out a nasty act whilst disguised as useful computer files or programs. Whilst it doesn't reproduce itself, when loaded onto a computer, it can take information from your system and open your computer up to hackers, allowing them to read your files.
Prevention rather than cure!
So what can you do to protect yourself? Plenty! Really there are no excuses.
In the first instance, every computer should have antivirus software installed. If set up correctly, antivirus software can detect nearly all types of known viruses so long as it's regularly updated and scans are run to maintain effectiveness and keep tabs on any infections on the run. Major antivirus software companies include Symantec - Norton AntiVirus (www.symantec.com) and Network Associates - McAfee VirusScan (www.nai.com). You can find more companies listed at the end of this article.
Secondly, don't open any unexpected or foreign e-mails with attachments until you've scanned them with your antivirus software first. Alternatively, contact the sender before you open it and approve the contents of the document. Always be aware that a huge percentage of viruses will come from people you know, so it's wise to check out anything suspicious by visiting sites like www.f-secure.com/v-descs. If in doubt - delete it! This way you don't take any unnecessary risks.
The same rules apply to all those e-mails that you send. Do not send any attachment without being sure it is safe.
Thirdly, show caution when copying files onto your computer. Just as with suspicious e-mails, it's always advisable to scan them first.
As a final precaution, back up your data. Do this regularly but be careful to check the backup for infections too!
The Future
With viruses like Blaster, Nachi and Sobig.F leaving destruction in their wake over the summer, now more than ever, the computer user needs to show particular caution. "Without doubt this has been the worst week in the history of the virus. Viruses have spread so fast and so far in the past seven days that companies must be feeling very bruised," said Graham Cluley, Chief Technologist at Sophos, commenting this August.
With new net technologies presenting opportunities to not just our genuine computer users but virus writers as well, anti-virus and security companies know only too well the importance of keeping one step ahead. "If what might be viewed as cyber vandalism can have this scale of impact, the issues of designing out opportunities for e-crime acquire an urgency that has been missing to date. We have to address what can be done within current technologies without waiting for what might be around the corner," stated Philip Virgo, strategic advisor to IMIS (Institute for the Management of Information Systems.)
So, while the powers that be are busy trying to pre-empt the enemy's next move and adapting their tactics to protect customers and catch new viruses, what can we be looking out for currently? Below are listed just a few recent virus threats, with addresses for further information and removal tools.
Worth highlighting, however, is the Internet Explorer / Outlook "hole." Some Web viruses are sidestepping antivirus software by sneaking through a "hole" in Internet Explorer / Outlook. Without having to open any attachments, viruses are finding other ways through and whilst updating your antivirus software is important, it's not an effectual remedy for the problem. The only way round this is by sealing the hole with "patches" which are supplied regularly by Microsoft (www.microsoft.com/security/bulletins).
W32.Sobig.F@mm
http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f@mm.html
This virus is back and seems to be well on the way to setting records for creating havoc. Sobig is particularly nasty. Once a machine is infected, the virus downloads trojans from a series of websites on the Internet and turns the infected machine into a spam engine. The main warning sign is text containing the message: "See the attached file for details" or "Please see the attached file for details."
W32.Sobig.E@mm
http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.e@mm.html
It is immediately recognisable by the message contained in the body text, namely: "See the attached zip file for details." Beware of unidentified attachments!
W32.Blaster.worm@mm
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html
This virus arrives as an e-mail attachment, and the Blaster "worm" tunnels in undetected via an Internet connection. Once inside, it slows down processing speed, reducing email traffic to a crawl and causing the machine to crash.
W32.Nachi.worm@mm
http://securityresponse.symantec.com/avcenter/venc/data/w32.welchia.worm.html
This is a new worm which exploits the vulnerability recently discovered in several versions of the Microsoft Windows operating system in order to spread to as many computers as possible. Nachi.A does not spread via e-mail but attacks remote machines via TCP/IP (a set of protocols developed to allow cooperating computers to share resources across a network). The attacked computer is forced to download a copy of the worm. One of its main characteristics is that it can uninstall the Blaster worm.
W32.Bugbear@mm
http://securityresponse.symantec.com/avcenter/venc/data/w32.bugbear@mm.html
Bugbear attempts to expose the computer to possible hackers and usually comes in via an e-mail as it uses a variety of familiar subject headings, such as "Lost and found" or "Membership confirmation". However, it can also make subject headings derived from documents stored on the user's computer, including e-mail subject headings that appear entirely reasonable to the receiver.
W32.Klez.E@mm
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.e@mm.html
This clever virus chooses the subject heading, message body, and attachment file name(s) at random, and the message appears to be coming from a source other than the infected person's e-mail address.
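The warning signs listed above for Sobig.F, Sobig.E and Bugbear can be turned into a simple mail triage check. The following is an added example, not part of the original article or any vendor's product; the function names `triage` and `build_sample`, the addresses and the attachment names are hypothetical, and the sample messages are constructed.

```python
from email import message_from_string, policy
from email.message import EmailMessage

# Warning-sign phrases quoted in the article; matched case-insensitively.
BODY_SIGNS = {
    # Also matches the "Please see the attached file for details" variant.
    "see the attached file for details": "W32.Sobig.F@mm",
    "see the attached zip file for details": "W32.Sobig.E@mm",
}
SUBJECT_SIGNS = {
    "lost and found": "W32.Bugbear@mm",
    "membership confirmation": "W32.Bugbear@mm",
}

def _normalise(text):
    """Lower-case and collapse whitespace so line wraps do not hide a phrase."""
    return " ".join(text.lower().split())

def triage(raw_message):
    """Return the sorted threat names whose listed warning signs appear.

    Only mail carrying an attachment is flagged, because every sign in the
    article describes a message that arrives with an attached file.
    """
    msg = message_from_string(raw_message, policy=policy.default)
    if not list(msg.iter_attachments()):
        return []
    subject = _normalise(str(msg.get("Subject", "")))
    part = msg.get_body(preferencelist=("plain",))
    body = _normalise(part.get_content()) if part is not None else ""
    hits = {name for sign, name in SUBJECT_SIGNS.items() if sign in subject}
    hits |= {name for sign, name in BODY_SIGNS.items() if sign in body}
    return sorted(hits)

def build_sample(subject, body, filename=None):
    """Build a constructed test message (not a captured sample)."""
    m = EmailMessage()
    m["From"], m["To"] = "sender@example.com", "user@example.com"
    m["Subject"] = subject
    m.set_content(body)
    if filename:
        m.add_attachment(b"constructed placeholder", maintype="application",
                         subtype="octet-stream", filename=filename)
    return m.as_string()

if __name__ == "__main__":
    print(triage(build_sample("Lost and found",
                              "See the attached zip file for details.", "a.zip")))
```

Fixed phrases only catch the variants that reuse them: Klez, as described above, picks its subject, body and attachment name at random, so a check like this complements an up-to-date antivirus scan rather than replacing it.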
Remember, with most of these viruses, prevention is obviously better than cure. Ironically, Norton picked up a virus on my PC as I wrote this article! So, if you've updated your virus definitions, you've not much to worry about. However, with Christmas on the horizon, many antivirus companies are also warning computer users to be on their guard for an extra invasion of contaminated e-mails, particularly with many individuals and more and more businesses turning to festive e-mails as an alternative to Christmas cards.
So you've been warned! Take heed, viruses attack the weak and vulnerable. So get out there, toss your ignorance to one side, install the software, zap suspicious e-mails and pledge yourself to the fight against artificial life forms!
Reference - Antivirus and firewall software
Network Associates (McAfee VirusScan): www.nai.com - antivirus software and info.
Symantec (Norton AV): www.symantec.com - antivirus software and info.
Trend Micro: www.antivirus.com - site contains useful online scanning software.
Sophos: www.sophos.com - antivirus software and info.
ZoneAlarm Pro: A firewall package that can be obtained via www.zonelabs.com
The Cleaner: A handy package that hunts for Trojans lurking in your system: www.moosoft.com