Computer Viruses . . . Even the name strikes fear in the hearts of the most valiant! Peggi Clanton
Common Questions About Computer Viruses • What exactly IS a computer virus? • How do we “catch” them? • How much damage can viruses do? • How do we get avoid and get rid of them? • What are the most common viruses? • Who writes viruses and why?
What is a computer virus? A virus is a set of illicit instructions imbedded in a file that passes itself on to other files with which it comes into contact. It is a form of vandalism. People often confuse computer worms with viruses. A worm is a program that transfers itself from computer to computer over a network and plants itself as a separate file on the target computer’s disks. Worms are rare, but quite “contagious”.
How do we catch computer viruses? • The most common way to spread a virus is by downloading something from the internet – perhaps free software. Often a virus has been written into the program. It may not show up for hours, days, or months. • They can be transmitted by diskettes from computer to computer. • A diskette brought from home with a virus then taken to work or school and placed in a network computer can infect the entire network. • You don’t get them from surfing the web. • Generally, you don’t get them from reading email. Most viruses that come with emails are in attachments that have to be opened.
How much damage can viruses do? • Some viruses are more like pranks and just do silly things, but still cause lost time and stress. • Some can erase any file you try to load from your disk. • Some destroy your hard drive. • Some flash pornographic pictures or messages on your screen • Some corrupt data • Some make letters drop to the bottom of the screen • Some send e-mails (with the virus) to everyone in your address book
What can we do about viruses? • Prevention is the answer. We should keep an up to date anti-virus program on our computers at all time. Visit the website for your particular program often for updates as new viruses and worms are written constantly. • If you find that there is a virus on your computer, a good virus scanner can usually clean and repair it. If not, you may have to take your computer for evaluation. • Wondering how they figure the viruses out? The anti-virus software searches for a virus signature, a unique string of bits. When new viruses are discovered, they are named and published. • Your anti-virus software can be set to scan every time you boot the computer or at regular intervals, whatever your preference is.
The most common viruses & worms? • Jerusalem – deletes any program executed on Friday the 13th • Cascade – picks random text characters and drops them to the bottom of the screen • Michelangelo – destroys all data on the hard disk on March 6, Michelangelo’s birthday • Melissa – macro virus distributed as an e-mail attachment that, when opened, disables a number of safeguards in Word 97 or 2000, and, if the user has the MS Outlook e-mail program, causes the virus to be resent to the 1st 50 people in the user’s address book • Ripper – corrupts data written to a hard disk approximately 1 time out of 1000 • MDMA – affects Microsoft Word files; can delete files
Who writes viruses & why? • In the past, viruses were written mostly by young males. Now, they are more sophisticated, older, and trade ideas over the internet. • Psychologists say that they do it to brag – to impress their friends. • It is believed that there are hundreds of virus writers worldwide. • There are thousands of known viruses, but the majority of the major damage done by them is done by about a dozen. • As a side note, a retro-virus has been written that fights anti-virus software & may even be able to delete it!
The Internet . . . And its Unique Security & Privacy Problems
Let’s name a few of these Problems • Network security • Networked employees privacy issues • Web privacy issues • Spam (not the canned meat!) • Legislation
Network Security • Whether a network is connected to the internet or not, it poses a unique security (and privacy) problem. In order to allow so many people (from remote locations) access to the same information, it is extremely difficult to keep unauthorized people from attaining access. Companies are concerned with industrial spies, disgruntled workers, thieves, and hackers. • One of the most common approaches is the use of a firewall – a combination of hardware & software that sits between the company’s intranet & the internet. All traffic between the two goes through the firewall & it protects against unauthorized access. It can also keep the employees from accessing inappropriate websites on the internet. • Encryption is a way of scrambling data that is sent over communication lines. The date is put in a code that can only be deciphered by the receiver that has the encryption key. There is a Date Encryption Standard that has endorsed a standardized private key encryption where senders & receivers use the same key. Public key encryption systems are convenient by having a pair of keys. The receiver keeps one key private & makes the other public. That way, anyone can encrypt a message to the receive (like for purchasing online). RSA is the most common.
Network Employee Privacy Issues • What employees consider spying, employers often consider “monitoring”. • Software is available that allows managers to pull up employee’s current computer screen, check their e-mail (and history), number of keystrokes per minute, note the length of breaks, and monitor which computer files are used and for how long – all without the employee’s knowledge! • Worker associations state that monitored workers suffer much more stress than unmonitored workers. And privacy groups are lobbying legislators to enact legislation that will require employers to at least alert employees that they are being monitored. • Employers state that monitoring is necessary for training, monitoring resources, and helping employees.
Web Privacy • We can be monitored when we are on the internet by the sites that we visit. It can collect everything from the city that you are calling from, the site that you were at previously, to what you do while on that site. • There is a software available that monitors click stream, the series of mouse clicks that link from site to site. This creates a history of what the user views on the web. • Web servers store information about us in a cookie, a small text file that is stored on our own hard drive & sent back to the browser each time you visit the site. Online brokerages & shopping are two convenient examples. However, they can also be used to put more advertisements on your screen by having traced your interests. It is possible to set your browser to refuse all cookies or to warn you when a site attempts to store a cookie on your computer. • Platform for Privacy Preference Project (P3P) is a set of standards that allows a web site server to transmit its privacy policies electronically to the user. Participation is voluntary, however.
Spam • Junk e-mail – seems to get worse and worse. Sending mass unsolicited emails is called spamming. • It would cost about $800,000 to mail an advertisement to a million people. It only costs a few hundred dollars to send it on the internet. Thus – spam! • Junk e-mail can be misleading – with subject lines that sound personal or say things like “Here’s the information that you requested” • The best way to slow it down is to NEVER open it & NEVER EVER respond to it! • Filter software gives some protection & some internet providers offer filtering. • Most experts suggest using one name for e-mail and one name for surfing the web – and never opening any e-mails that come in under the name that you use on the web.
Legislation • Legislation has been slow in coming for internet problems as there is nothing prior to base it on. • The state of Washington passed a law in 1998 that bans unsolicited commercial e-mail with misleading information in the subject line. • AOL won $7 million in a suit against a spammer due to a Virginia law passed in 2002. • November 22, 2003 – Anti-Spam bill passed the US House of Representatives • November 25, 2003 – Anti-Spam bill passed the US Senate • January, 2004 – Anti-Spam bill will go to the President
Works Cited • Brain, Marshall, http://computer.howstuffworks.com/virus.htm • Capron, H.L. & Johnson, J.A., Computers: Tools for an Information Age. • Mark, Roy, http://dc.internet.com/news/article.php.311361 Anti-Spam Bill Clears Senate • McGuire, David, www.washingtonpost.com/wp-dyn/articles/A5892-2003Nov22.html House Passes Anti-Spam Bill • Mueller, Scott Hazen, http://spam.abuse.net Fight Spam on the Internet • www.vmyths.com/ Truth about computer security hysteria (no author listed) • www.symantec.com/avcenter/hoax.htm Security Response - Hoaxes (no author listed) • www.itworld.com/Man/2689/ Employee Privacy (no author listed)