People have to be always cautious about computer viruses, because viruses can
spoil people’s money, time, resources and irreplaceable data. According to the
International Computer Security Association (ICSA) study, the financial cost of
virus infection, measured in cost per incident, is $2,454 in 2000 and $8,100 in
1996. Further, the study also reports that complete recovery from an infection
takes an average of 45.6 hours and 9.4 person-days of work in both comparative
years.
A computer virus is explained as a computer program designed to replicate itself
by infecting other files or system areas and then making copies of itself. It may
be benign or will operate without the knowledge or desire of the computer user
by giving negative effects. Modern computer viruses can be categorized in to one
of the following broad virus categories.
Viruses – usually the virus activity within a single computer.
Example: WordMacro Attach and spread through Microsoft Word and Excel files
Trojan horse – when run, a Trojan horse does something harmful to the
computer system, but disguised as something useful Unlike
viruses, Trojan horses usually do not make copies of themselves.
Example: AOL4Free Trojan horse Receives via e-mail with the promise of
receiving “Free AOL”. But eventually deletes all the files in the hard drive.
Worm – is a computer program that propagates itself across computers,
creating copies of itself in each computer, infecting the entire network.
Example: ILOVEYOU worm Sends a copy of the following e-mail message, including
attachment, to everyone in one’s Microsoft Outlook address book. Scans all drive (local and on a network) for multimedia files and replaces them with
a copy of the worm. Subject ”ILOVEYOU“ Message ”kindly check the attached
LOVELETTER coming from me.” Attachment ”LOVE-LETTER-FOR-YOU.TXT.vbs“
Hoaxes – is a false virus warning about a non-existent virus threat. Users
often forward these alerts thinking that they will help others, but this unnecessarily
wastes their productivity and time.
The following summarizes how the viruses get evolved over time, expanding
their capabilities and scope,
Macro viruses: These viruses come attached to documents and when that
document is opened the virus gets activated.
Parasitic or File Infector viruses: These viruses attach themselves to or
replace executable files, such as, files with extensions .com, .exe or even
.sys, .drv and .bin.
Bootstrap viruses: Boot sector is a small portion of a disk reserved for the
bootstrap loader program of an operating system. When a bootstrap virus
infects this bootstrap program, the virus gets activated at each time the
operating system is loaded.
Multi-partite viruses: These viruses often infect multiple targets, for instance,
both files and bootstrap of a disk.
Polymorphic viruses: These viruses are capable of mutating over time to
escape from anti-virus software.
Stealth viruses: These viruses can conceal themselves in memory.• Retro viruses:
These viruses are designed to attack and defeat anti-virus
software.
Another very closely related malicious type of software programs is spyware,
which is a type of a computer program that usually collects information about
the activities of users and sends that information to a third-party over the Internet.
Spyware differs from viruses in that it is designed specially for commercial
purposes and it does not usually self-replicate. A less malicious spyware may
track what types of websites a user is visiting, pop-up advertisements (this type
of spyware is called, adware) or alter the web browser’s settings to always redirect
the users to commercial websites, while a more malicious spyware steels the secret
information of users, such as, passwords or credit-card numbers.
When a virus get activated as a result of executing a virus infected program,
the virus tries to copy itself into uninfected programs in the same computer or
in other computers connected to it over a network. And repeatedly the newly
infected programs try to infect yet more programs. Removable media, such as,
floppy diskettes and USB sticks has remained in the position as a major source
of virus carriers from the past.
The third major source of viruses is email attachments. According to ICSA,
infections that spread through e-mail attachments, the source of macro viruses,
increased from 32 percent in year 1998 to over 60 percent in year 2000.
After understanding the potential risk of virus infection, one should always try
to implement necessary precautions to get rid from viruses. The following is a
list of precautions one could follow in this effort.
Install anti-virus and anti-spyware software from a well-known distributor
(e.g. Symantec , PC Cillin , McAfee , AVG, ClamAV , Sophos) and configure it to be activated
at system boot-up, email scanning and scanning of removable media. Also,
perform regular scanning of entire system area including boot
sectors. Make sure to keep the virus definitions up-to-date.
Scan removable media (floppy diskettes, CDs, USBs. . . ) before copying files
or executing programs.
Do not open any files attached to an email from an unknown, suspicious or
untrustworthy source.
Exercise caution when downloading files from the Internet and always ensure
that the source is legitimate and reputable one.
Take backup of important files in regular basis and store it in a safe storage
area (in a CD)
