"Never settle for less than your dreams.
Somewhere, sometime, someday, somehow, you'll find them
."

- Danielle Steel, Bittersweet.

Get more Insight, Inspiration and Self Discovery at The Walkabout.

Wednesday, October 8, 2014

Dealing with Viruses, Worms and Trojans

“Computer technology...could play a role in rebuilding community by improving communication, economic opportunity, civic participation, and education.”
- Douglas Schuler (U.S. author)


Computers are wonderful. They increase productivity, save time, are efficient and can do so much. Essentially, they make life easy. However, worms, viruses and other malicious programs can cause nightmares that greatly undermine any good computing effort.
The Windows operating system has always been plagued by security loopholes and virus attacks. This is largely in part to its popularity – over 70% of computers worldwide use Microsoft Windows. Also, the use of ActiveX technology and controls makes Windows susceptible to many attacks.

In this edition, we focus on viruses, worms and Trojans. We shall seek to find out what they are, what they do and how to avoid infection. In the next edition, we shall look at how to remove specific infections.



Virus
A virus is a malicious computer program attached to a data file that passes from computer to computer. Viruses are written to alter the way a computer operates, without the permission or knowledge of the user.
Any virus must execute and replicate itself. This means that it will often place its own code in the path of execution of another program. Also, a virus may replace other executable files with a copy of the virus infected file. To be effective, viruses require the spreading of an infected host file.

Worm
A worm can copy itself from machine to machine over the network.
Unlike viruses, worms are programs that replicate themselves from system to system without the use of a host file.
Whilst they reside in legitimate files e.g. Word or Excel documents, worms usually render the entire files they reside in harmful.

Trojan Horse
A Trojan is a malicious program disguised as something benign or harmless. Trojan Horses are impostors - they claim to be something desirable but, in fact, are malicious. Trojans contain malicious code that when triggered cause loss, or even theft, of data.
Unlike viruses and worms, Trojans do not replicate themselves. For a Trojan horse to spread, you must, invite these programs onto your computers--for example, by opening an email attachment or downloading and running a file from the Internet.

Symptoms of System Infection
Depending on the infection, an infected computer will present with unique symptoms. However, there are tell-tale signs that will usually be indicative of a virus attack. Following are some signs of infection:
  • The computer is slow in starting up
  • The computer is slow in operation
  • The system crashes with no consistent pattern
  • Anti-virus software may fail to detect anomaly
  • There are strange files with unusual names, especially in system folders and removable media e.g. memory sticks (flash drives)
  • Formatted drives in severe cases of infection
  • Persistent computer freezes
The above symptoms are in no way exhaustive. Different malicious programs cause varied symptoms.


How to Stay Safe

  • Don’t open unknown files and/or programs
  • Don’t open emails with questionable subject headings/senders
  • Beware while online as well as offline
  • Use hard-to-guess passwords.
  • Backup files on a regular basis. Keep the write-protected media in a safe place, preferably in a different location than your computer
  • Install latest software patches/updates
  • Beware of hoaxes
  • Don’t share information unnecessarily
  • Install anti-virus, firewall, IDS, etc.
  • Turn off and remove unneeded services.
  • Enforce a password policy.
  • Configure your email server to block or remove email that contains file attachments that are commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files.
  • Isolate infected computers quickly to prevent further compromising your network or organization
  • Do not to open attachments unless you are expecting them. Be suspicious of email attachments from unknown sources.
  • Do not set your email program to "auto-run" attachments
  • Do not execute software that is downloaded from the Internet unless it has been scanned for viruses.
  • Always keep your patch levels up-to-date e.g. all Windows-based computers should have the current Service Pack installed. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.

The Hype
Amid all the hype, viruses do not lurk in every file, email, program or web site. Then again, you can never know where a virus may be hiding. The above precautions can minimize the risk of getting infected.
Above all else, having a good and up-to-date anti-virus program can keep you safe.

ShareThis