Computer Viruses¶
Definitions
A computer virus is a program that has been designed to copy itself, spreading from one file to another and causing varying degrees of disruption to your computer. The definition of virus is down to its ability to replicate, not to the extent of the problems that it causes. Some viruses do nothing more sinister than making your keyboard bleep or display a message. Conversely, even if a program adversely affects your computer, that doesn’t necessarily make it a virus, unless it replicates itself. Having made this point, it must be remembered that all viruses are bad news if for no other reason than that they will inevitably be passed on to someone else’s files, which will probably upset them and thus cause no end of grief for CCSG. Two common types of problem virus are Macro Viruses (which infect data files such as those in Microsoft Office) and Boot Sector Viruses (which the boot sector of hard disks.)
A worm is a self-replicating virus that is capable of duplicating itself by using parts of an operating system that are automatic and invisible to the user. A worm will spread much more quickly from computer to computer, particularly across a local network. Examples of worms include the much publicised Nimda and Sircam.
What isn’t a virus?
Many people rush to the mistaken conclusion that just because their computer isn’t behaving the way that they expect it to, then there must be a virus lurking about somewhere. This isn’t necessarily the case.
Bugs exist in all sufficiently complex programs and operating systems. This is due to the fact that programmers are human beings, and as such, they make mistakes. Anti-virus software does not detect bugs, which is just as well as it would then report bugs in pretty much everything.
Hoaxes are usually sent as e-mails which warn you of “viruses” on the Internet. The hoax suggests you avoid e-mail with a particular title (such as “Bad Times” for example) and then encourages you to forward the warning to everyone that you know. This results in unwanted e-mails, consumes bandwidth and wastes people’s time. For this reason we ask you: Do not forward e-mails warning of viruses. Contact CCSG if you have any concerns relating to virus threats. There are several sites dedicated to identifying hoaxes (see Furthur Information.)
Trojans are programs written to adversely affect your computer by having malicious code hidden inside apparently harmless programming. Strictly speaking they are not viruses because they do not replicate (and as such are not so common), although a Trojan may be distributed as part of a virus.
How do viruses and worms spread?
It used to be true to say that a computer virus could not spread from computer to computer without assistance from users. However, some “popular” applications such as certain e-mail clients will now preview files without user intervention and will thus execute an infected file. Also, Worms are capable of infecting directories on network shares and spreading whenever somebody tries to open certain documents on these shares. The other possible ways in which viruses can spread are via:
E-mail attachments
Transfer of files over a network
Download of files from the Internet
Fortunately, with a little bit of care and vigilance, it is possible to virtually eliminate the spread of viruses, by following the procedures outlined below.
Virus Prevention (What YOU must do)
All the PCs on the network have anti-virus software installed, currently Sophos Antivirus. If you come across a machine which does not then please contact CCSG. The virus definition databases are updated each time a new virus has been identified so the anti-virus software should always be capable of detecting all viruses, including the very latest. The machines have been configured to scan all local hard drives automatically on a daily basis, so normally you need not worry about doing this yourself. There are however, four important areas for which YOU must take responsibility:
Whenever you receive an e-mail attachment you should save it to disk, and scan for viruses before opening it. Do not open an attachment before doing this, even though you may know and trust the sender. Many viruses are propagated from an infected PC without the user even being aware that it has become infected!
Whenever you have copied files onto your computer from another source (from USB, another machine on the network or from the Internet) do not access them without first scanning for viruses.
Regularly (at least once a week) scan your Drives.
If all users on a network took the above precautions then the chances are that computer viruses would not exist on any of the machines. It is important to realise that just because a file comes from someone that you know, this is no guarantee that it is not infected! Furthur Information Below are links to good sites you might want to visit to determine if a virus warning you have received is a hoax:
Trend Virus Information - Links to analyses, definitions and white papers.