|
|
Computer viruses
Bo Tørris Bonnevie, Information Technology Division, Rhodes University
In the beginning
Next year will mark the 25th anniversary of the release of the 8086
processor. A cheaper 8-bit version of this chip, the 8088, was used in the first
popular Personal Computers based on this architecture, and they are the
predecessors of our present day Pentiums. It is this computer architecture that
has been mostly affected by computer viruses. In 1986 the generally accepted
first virus called "Brain" started to spread on these systems and
since then over 50000 viruses have been identified in the wild. The first
experimental viruses and their theory of operation date back to the early 80's.
At about the same time a new computer industry was born, that of creating and
distributing anti-virus software that could detect and disinfect systems
infected with known viruses, and additionally protect uninfected systems from
known (and to some extent unknown) viruses. Despite the fact that there can be
very few users of computer systems that have not heard of or been exposed to the
damaging effect of some of these viruses, computers around the world are still
being infected on a daily basis, mostly due to out-of-date anti-virus
protection.
What are computer viruses?
Computer viruses are essentially computer programs that replicate themselves
by attaching themselves to other programs or files. They have come in many forms
and designs, exploiting vulnerabilities of operating systems and applications.
The more common types are:
· Boot sector viruses - infect the boot partition on a disk.
· File viruses - infect mostly executable files, such as .exe and .com.
· Trojan Horses - destructive viruses (not all viruses are destructive).
· Worms - use applications such as mailers to send themselves to other
computers.
· Stealth viruses - try to hide themselves from anti-virus scanners.
· Polymorphic viruses - can mutate to make identification difficult.
A virus can fall into one or more of the above categories and
"Brain" was a boot sector and a stealth virus. Today probably all
anti-virus software can detect most of the early viruses and some of these,
including "Brain" are now extinct in the wild. In 1988 one of the
first virus hoaxes started to spread on the internet, and these also continue to
plague computer users today. A virus hoax is not a virus, but a chain letter or
email that deceives users into thinking that their computers have been infected.
A hoax contains instructions on how to disinfect a non-existing virus and the
users often end up deleting an important operating system file, crippling their
computers to some extent.
Computer viruses are not unlike biological viruses. Their effectiveness is
ultimately dependent on an ability to survive and spread. If a virus is too
destructive it may quickly disappear, as its computer host will then be unable
to infect other systems. The virus needs to go undetected to allow it to spread,
delay its harmful effects and not immediately cripple the host computer.
What can the user do?
It seems that viruses are here to stay. So what should the computer user do?
The first step is to take responsibility for your computer just like you take
responsibility for your own health. This includes keeping your anti-virus
software and virus knowledge up to date. Secondly, prevention is better than
cure. In the computer world this is very much an option as many anti-virus
products provide background and on-demand scanners that prevent your system from
being infected when you try to access infected files on, for example, a network
or a diskette. These scanners often employ heuristic algorithms that may be able
to detect unknown viruses. This is also much faster than scanning for specific
virus signatures, but occasionally may cause false alarms. Once your computer
has been infected the damage may be done before you can disinfect and data may
be very difficult or even impossible to recover. Some viruses are also very
difficult to disinfect and a lot of time can be lost before your system is
operational again. A good source of information is the World Wide Web and
searches on "computer viruses", "anti-virus software" and
"virus hoaxes" should provide all the necessary information.
References:
A Brief History of Computing © Copyright 1996-2000, Stephen White
http://www.ox.compsoc.net/~swhite/history/8086.html/
HoaxBusters, http://HoaxBusters.ciac.org/
Fighting Computer Viruses
Jeffrey O. Kephart, Gregory B. Sorkin, David M. Chess and Steve R. White
Scientific American http://www.sciam.com/1197issue/1197kephart.html
|
