S3_Networks_Viruses

Definition/Theory (Class Summary)
A Computer Virus is a program that can copy itself and infect a computer without the permission or knowledge of the user. A Computer Virus has 2 major characteristics: the ability to replicate itself, and the ability to attach itself to another computer file. A computer virus is designed to install, propagate and cause damage to computer files and data without the knowledge and/or express permission of the user. A computer virus can only survive, attack and propagate in computer memory. Computer memory is usually the RAM (and all different variations of it) and disk storage (hard, floppy and everything in between). Besides this you will not find computer viruses in your monitor, keyboard and certainly not in your own blood stream! Every file or program that becomes infected can also act as a virus itself, allowing it to spread to other files and computers. The term "computer virus" is often used incorrectly as a catch-all phrase to include all types of Malware such as Computer Worms, Trojan Horses, Spyware, Adware, and Rootkits - all of which are slightly different than Computer Viruses.

A Computer Virus needs another program in order to be able to be activated and infect other computers files. Essentially, a computer virus rides piggyback on another file into your computer - once it is executed, the virus will continue to replicate and attach itself to other program files and continue to spread.

Can a virus be a file on its own? Why?

Name 3 types of files that you think may be infected by a virus.  If my computer has a malicious program that replicates itself over the network and doesn’t needs to be attached to another file, but it may delete information in my computer or create havoc, would it be a computer virus? Why?

HOW DO VIRUSES WORK?


 * The first step in any virus attack is always the invasion. This is when the virus actually enters the computer system from an outside source. Much of the effort in preventing a virus attack lies in understanding what these virus entry points are and how best to monitor and block out any possible intrusion. All viruses enter the computer system through two main entry points: the disk drives and the network adapter cards. The disk drives may be any sort of disk drive (hard, floppy, CD, Zip, Jazz and what have you). This makes any disks or CDs that you insert into these drives a possible source of virus infection. The network adapter card is most likely your computer network and/or modem card connected to the local Intranet and/or the Internet. Virus enters through the network card most likely disguised in the form of attachments in e-mails.


 * The act of infection often begins with a harmless looking action such as opening a file (like a video game or a Word document) that one often gets in e-mail attachments or while accessing any disk in a disk drive. These actions inadvertently activate the virus lurking in these files and disks. The virus then installs itself into the computer’s memory. The infected program has been modified so that instead of the proper code running, the virus code runs instead. This is usually done by the virus modifying the first few instructions to "jump" to where the virus code is stored. The virus code begins to execute.


 * After entering the computer memory, a virus often immediately sets out to multiply and spread duplicate copies of itself across the main data storage device (most often the hard disk drive). It does this by copying itself into as many files it can find on the disk drive. Later when users transfers or copies these files to their friends and colleagues, the virus gain entry into ever increasing number of systems. If the virus has found its way to this level of the user’s computer, the user runs a high risk of permanent damage to data and hardware.


 * Many viruses contain what is called a payload. This is the destructive sequence that is activated on a certain trigger. The trigger may be the arrival of a particular date or an action done by the user. The effect of the payload can be anything as benign as some harmless message appearing on screen to as frightening as the destruction of the disk drive’s boot record – making it completely unusable and in most cases completely irreparable. Indeed it is the later that causes permanent lost of data and hardware and which is responsible for the virus’ notorious reputation. If a virus is capable of unleashing its payload on the user’s system, this indicates a serious breach of security on part of the user. It’s time for the user to learn from the experience and never let computer virus have a second chance. "Malevolent" viruses that damage files or wreak havoc in other ways will often act on triggers. There are viruses that will only activate on particular days of the year (such as the infamous "Friday the 13th"), or act randomly, say, deleting a file every 8th time they are run. Some viruses do nothing other than trying to maximize their own infection to as many files and systems as possible.

Identify one way a computer virus can create havoc that was mentioned in the lecture

Describe one way a computer virus may create havoc that wasn’t mentioned; use your imagination and understanding of how viruses work.  Mention one way in which an antivirus may detect a virus.

Describe one way we can avoid catching a virus apart from using an antivirus.

WHICH MAY BE THE SYMPTOMS OF A COMPUTER VIRUS

There are many different symptoms of a virus-infected computer. Some viruses work quickly to damage your computer, while others can linger for months before you notice there is any real problem. Some viruses will start to copy themselves within your computer and use up disk space and system memory - slowing down your computer and degrading your system's performance. Other viruses can be more serious and erase programs, corrupt or destroy selected files or cause a complete system crash. There are also viruses that can open a backdoor to hackers and allow them to access your computer.

http://www.allsands.com/science/computervirusi_ol_gn.htm http://www.antivirusware.com/articles/computer-virus.htm

News Articles
Viruses are middle aged (40 years old) []

Class Exercises
Can viruses infect Mac computers?

Can viruses infect smart phones with Android or IOS?

Can viruses infect humans?

Can viruses do physical harm to humans?

Examples or Activities
The top 5 Deadliest Computer Viruses (CNET) http://www.youtube.com/watch?v=_B-tppLBwY8&playnext=1&list=PLA5CCBF8F460E898F