
Wednesday, November 16, 2011

Anatomy of Viruses


What is a computer Virus and how do they work?
Viruses can create a technological holocaust for millions of computers around the world. Businesses fret over the potential for a catastrophic meltdown of networks. Individual consumers worry about zapping their computer's hard drive simply by clicking the wrong e-mail attachment. Experts say such worries are well-founded, but emphasize that a combination of the latest anti-virus software and common sense will drastically reduce the odds of being infected. The cost of not taking such precautions can be high.
How they work, and what to look for.
Dreaded computer viruses, you hear all about these nasty nasties, but do you really know what they are and what havoc they can wreak? The mere thought conjures up devastation and turmoil and can get your imagination rolling. Tall tales, such as the Good Times Virus and other hoaxes, have made it hard for most of us non-anti-virus researchers to determine fact from fiction.
The following description seeks to get to the bottom of just what viruses are, how to avoid infestation, how to determine if you've caught one, and what to do if you have.
In the simplest of terms, a virus is a computer program that reproduces itself and attaches that copy to other computer programs. It does so in such a way that its instructions (viral code) are carried forward when the infected program is launched or when an infected disk is left in the disk drive and allowed to boot. The most troubling part about this is that it is done without the consent or knowledge of the computer user.
Viruses can be as benign as a minor case of acne, such as those that display pleasant or annoying messages, or as malignant as a full spread disease, such as those that destroy your data files and system.
Rest assured, only a small percentage of viruses are of the latter type. In fact, there are nearly 20,000 known viruses for the PC (there are far fewer Mac viruses), of which only 500 are currently "in the wild" (circulating on unsuspecting computers). Of those, only 20-50 are known to cause serious damage. For more information on the prevalence of viruses, visit http://www.virusbtn.com/WildLists.
All viruses follow pretty much the same course of action. When the virus code is run, it reproduces and infects other programs. When it starts to spread is usually a characteristic of that particular virus. Some infect each time they are run. Other, trickier ones infect when triggered by a certain time, date, function, or other external event.
Some viruses also have an attack phase, otherwise known as a "payload." A payload is the damaging effect of the virus, which runs the gamut from deleting files or randomly changing data on your disk to playing music or creating messages or animations on your screen. When the virus inflicts its damage is also characteristic of the particular virus.
Most, however, delay doing so until after they've had time to spread. Some are written only to spread, which is bothersome as well because they take up space and slow down your system.
A graduate student at MIT, as part of a controlled experiment he was conducting, wrote the first virus in 1986. A year later, hackers caught on and began writing and spreading viruses. By 1990-1991 the number of viruses found in the wild started to flourish. There are several types of viruses: Boot Sector, File, Macro, Polymorphic, Stealth and Resident viruses. Some viruses can possess characteristics of more than one of these types.
"Many people will get a virus at one point or another, and some of them will be harmed by it," said Bruce Peters, an anti-virus and data recovery expert. "Some will lose data, some will suffer no damage other than the time, effort, and stress it takes to remove the virus. Some will spread the virus to others and damage the most valuable thing: their reputations."


Anatomy of a Virus
Though most computer users have learned to fear viruses, few really know what they are. Viruses are programs that replicate themselves inside a computer. The malicious bug cannot do its damage when a user simply surfs the Web or opens a plain text message such as an e-mail. However, viruses are unleashed when they are hidden in attachments to e-mail messages and someone opens that attachment. After viruses replicate, many carry out damaging instructions that have been programmed into them.
The Melissa virus from March 1999 is a good example of how viruses inflict damage. Melissa lurked inside an e-mail Microsoft Word attachment. The person who received the message had no reason to suspect anything dangerous; in fact, the e-mail's subject line appeared to be from someone the recipient recognized.
However, once the recipient clicked on the attachment, Melissa fused itself to a Word object and began rifling through the poor victim's address book. Soon, Melissa was e-mailing tainted attachments to the first 50 names in the recipient's address book.
"Some viruses do nothing except replicate," Peters said. "Some will do damage, but not intentionally. Then again, there are those that attempt - and sometimes succeed - in destroying all files on the computer, or subtly altering data in documents, or whatever nasty thing you can conceive that a computer program is capable of doing."
To make matters worse, those who create viruses continually add new twists to their method of attack. Late in June, the Stages virus struck. Before Stages, computer users were assured that viruses could not be spread through text files. So, when Microsoft Outlook users saw an attachment that appeared as "LIFE_STAGES.TXT," many figured it was safe to open. When they did so, a humorous text file about dating appeared.
What users didn't realize was that the attachment was not a text file but had a hidden .SHS extension, which meant it contained infected computer code. Soon, the virus was on the loose and e-mailing itself to everyone in the recipient's address book.
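The Stages disguise described above can be caught at a mail filter by judging each attachment on its real final extension rather than the one the user sees. The following is an added example, not code from the original post: the full name `LIFE_STAGES.TXT.SHS` is inferred from the article's description, and the extension lists, function names and sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from pathlib import PurePosixPath

# Only .shs comes from the article; the other entries are illustrative.
RISKY_EXTS = {".shs", ".pif", ".lnk", ".scr", ".vbs", ".exe"}
# Extensions a reader takes for a harmless document (illustrative list).
DECOY_EXTS = {".txt", ".doc", ".jpg", ".pdf"}

# Constructed sample message; address and payload are placeholders.
SAMPLE = """\
From: friend@example.com
Subject: Fw: funny
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

See attached.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="LIFE_STAGES.TXT.SHS"
Content-Transfer-Encoding: base64

AAAA
--b1--
"""

def classify_attachment(filename):
    """Return 'disguised', 'risky' or 'ok' for one attachment name."""
    # Windows ignores trailing dots and spaces, so drop them before parsing.
    name = filename.strip().rstrip(". ").lower()
    suffixes = PurePosixPath(name).suffixes
    if not suffixes or suffixes[-1] not in RISKY_EXTS:
        return "ok"
    # A decoy extension right before the real one is the Stages pattern.
    if len(suffixes) >= 2 and suffixes[-2] in DECOY_EXTS:
        return "disguised"
    return "risky"

def scan_message(raw):
    """Classify every attachment of an RFC 5322 message given as text."""
    msg = email.message_from_string(raw, policy=policy.default)
    names = [part.get_filename() or "" for part in msg.iter_attachments()]
    return {name: classify_attachment(name) for name in names}

if __name__ == "__main__":
    print(scan_message(SAMPLE))
```

A filter would typically quarantine "disguised" attachments outright and hold "risky" ones for review.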
Peters hopes the recent wave of high-profile viruses will cause lawmakers to treat the problem as the potentially serious crime that it is. However, he said the war on this scourge requires vigilance.
"Yes, we'll become more successful overall," he said. "But yes, things will get worse, too: my prediction is that while more viruses will be prevented on a percentage basis, there will always be a few high profile successes by the virus writers.
"Those successes, however, will be short-lived, because anti-virus companies will be quick to create a solution to each new threat."

Saturday, April 30, 2011

How Computer Virus Works?

Strange as it may sound, the computer virus is something of an Information Age marvel. On one hand, viruses show us how vulnerable we are -- a properly engineered virus can have a devastating effect, disrupting productivity and doing billions of dollars in damages. On the other hand, they show us how sophisticated and interconnected human beings have become.
For example, experts estimate that the Mydoom worm infected approximately a quarter-million computers in a single day in January 2004. Back in March 1999, the Melissa virus was so powerful that it forced Microsoft and a number of other very large companies to completely turn off their e-mail systems until the virus could be contained. The ILOVEYOU virus in 2000 had a similarly devastating effect. In January 2007, a worm called Storm appeared -- by October, experts believed up to 50 million computers were infected. That's pretty impressive when you consider that many viruses are incredibly simple.
When you listen to the news, you hear about many different forms of electronic infection. The most common are:
  • Viruses - A virus is a small piece of software that piggybacks on real programs. For example, a virus might attach itself to a program such as a spreadsheet program. Each time the spreadsheet program runs, the virus runs, too, and it has the chance to reproduce (by attaching to other programs) or wreak havoc.
  • E-mail viruses - An e-mail virus travels as an attachment to e-mail messages, and usually replicates itself by automatically mailing itself to dozens of people in the victim's e-mail address book. Some e-mail viruses don't even require a double-click -- they launch when you view the infected message in the preview pane of your e-mail software [source: Johnson].
  • Trojan horses - A Trojan horse is simply a computer program. The program claims to do one thing (it may claim to be a game) but instead does damage when you run it (it may erase your hard disk). Trojan horses have no way to replicate automatically.
  • Worms - A worm is a small piece of software that uses computer networks and security holes to replicate itself. A copy of the worm scans the network for another machine that has a specific security hole. It copies itself to the new machine using the security hole, and then starts replicating from there, as well.
In this article, we will discuss viruses -- both "traditional" viruses and e-mail viruses -- so that you can learn how they work and understand how to protect yourself.