What
is a Computer Virus?
- A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner.
- One of the first detected virus was the Creeper virus in the early 70’s
- Before computer networks became widespread, most viruses spread on removable media, particularly floppy disk.
Basic Computer Viruses
Trojan
Horses
- Appears as interesting program file but when installed it allows intruders to access and read your files
Worms
- Virus that copies and multiplies itself by using computer networks and security flaws
E-mail
Viruses
- Use e-mail messages to spread which allow it to automatically forward itself to thousands of people
Types of Viruses
Boot Sector Virus
- Infects the boot or MBR of diskettes and hard drives through the sharing of infected disks and pirated software applications
- Once your hard drive is infected all diskettes that you use in your computer will be infected
Program Virus
- Becomes active when the program file (usually with extensions .BIN, .COM, .EXE, .OVL, .DRV) carrying the virus is opened
- It then makes copies of itself and will infect other programs on the computer
Multipartite Virus
- Hybrid of a Boot Sector and Program viruses
- It infects program files and when the infected program is active it will affect the boot record
Stealth Virus
- Disguises itself to prevent from being detected by antivirus software
- It alters its file size or conceals itself in memory
Polymorphic Virus
- Act like a chameleon, changing its virus signature (binary pattern) every time it multiples and infects a new file
Macro Virus
- Programmed as a macro embedded in a document, usually found in Microsoft Word and Excel
- Once it gets in to your computer, every document you produce will become infected
- Relatively new type of virus and may slip by your antivirus software if you don't have the most recent version installed
Signs Your Computer is Infected
- Functions slower than normal
- Responds slowly and freezes often
- Restarts itself often
- See uncommon error messages, distorted menus, and dialog boxes
- Notice applications fail to work correctly
- Fail to print correctly
Computer Virus History
- First half of the 70'Late 60,s, early 70,s- "Rabbits" cloned themselves occupied system resources, slowing down the productivity.
- "The Creeper" capable of entering a network by itself and transferring a copy of itself to the system.
- Early 80,s-Increasing number of programs written by individuals not by software companies. Programs caused miner viruses called "Trojan horses".
- 1986:'Brain virus' - by Amjad and Basit Farooq Alvi.
- spread through floppy disks
- infected boot records and not computer hard drives
- Lahore, Pakistani Brain, Brain-A and UIUC virus
- took over free space on the floppy disk and hid from detection
- "disguised itself by displaying the uninfected boot sector on the disk."
- 1987:Lehigh virus
- the first memory resident file infector that attacked executable files and took control when a file was opened
- The Jerusalem Virus
- had bugs that re-infected programs that were already infected
- —1988: Robert Morris made a worm that invaded ARPANET computers
- disabled 6,000 computers on the network by overflowing their memory banks with copies of itself
- 1991: Norton Anti-Virus software
- 1999: "Melissa" virus
- infected thousands of computers very fast by sending copies of itself to 50 names in the address book on Outlook e-mail
- Led to an estimated $80 million in damage and record sales of anti-virus products.
- 2000: "I Love You" virus
- was sent by email and infected 10 % of computers in only one day
- created by a young Filipino computer student who did not get punished because then the Philippines had no laws against hacking which led to the European Union's global Cybercrime Treaty.
- 2001: "Nimda" virus (days after 9/11)
- had 5 ways of infecting systems
- 2004:MyDoom spreads through emails and file-sharing software faster than any previous virus or worm.
- Allows hackers to access the hard drive of the infected computer.
- An estimated one million computers running Windows are affected by the fast-spreading Sasser computer worm.
- The worm does not cause irreparable harm to computers or data, but it does slow computers and cause some to quit or reboot without explanation.
- 2006:Discovery of the first-ever malware trojan horse for Mac OS X
- 2008:Torpig is a Trojan horse which affects Windows, turning off anti-virus applications.
- It allows others to access the computer, modifies data, steals confidential information and installs malware on the victim's computer.
- 2009:Conficker infects anywhere from 9 to 15 million Microsoft server systems.
- French air force, Royal Navy warships and submarines, Sheffield Hospital network, UK Ministry of Defence, German Bundeswehr and Norwegian Police were all affected.
Total
Number of Viruses by year
January 1985 1
January 1985 1
January 1987 3
January 1989 6
January 1990 142
January 1991 357
January 1992 1,161
January 1993 2,482
January 1994 3,687
January 1995 5,626
January 1996 7,764
January 1997 11,037
January 1998 16,726
January 1999 40,850
January 2000 44,000
January 2001 48,000
January 2002 55,000
January 2003 62,000
Melissa
Another virus that fired up the
media was Melissa, a Word macro virus.
When people received the host
Word document via email and opened it, the virus sent a copy of itself to the
first 50 people in the victim's address book.
Named after a topless dancer in
Florida, the Melissa virus crashed the email servers of corporations and
governments in different spots around the world.
The Computer Emergency Response
Team, set up after Robert Morris mucked up the Internet with his worm in 1988,
estimated that the virus hit 100,000 computers in its first weekend.
David L. Smith posted the
infected file to an alt.sex usenet group using a stolen AOL
account. Initially he entered a plea of innocence, but after being confronted
with a maximum sentence of 40 years in prison, he eventually pled guilty and
received a much-reduced sentence.
No comments:
Post a Comment