"In the mid-eighties, as legend has it, the Amjad brothers of Pakistan ran a computer store. Frustrated by computer piracy, they wrote the first computer virus, a boot sector virus called Brain. From these simple beginnings, an entire counter-culture industry of virus creation and distribution emerged, leaving us today with several tens of thousands of viruses." Carole Theriault (www.sophos.com)
What is a computer virus? In simple terms, this term refers to a self-replicating program that can infect other programs and spreading into a users system without prior permission or knowledge.
By itself, a computer virus does not usually cause any damage to the system. It is however, often mistaken for malicious software or 'malware' that can cause the most harm to a system.
A malware is a program that appears to be designed for a certain purpose, but actually does something quite different. Known also as 'trojan hourses', they can get into your system by disguising themselves as harmless or even useful piece of code, and lay low for a while. Through triggers such as your PC's internal clock passing a certain date, these programs can be activated and proceed to delete or destroy important system files or format your hard disk drive.
Viruses can be hidden in programs available in floppy disks or CD's, e-mail attachments or in material downloaded from the Internet. If a virus has no obvious payload, a user without anti-virus software may not be aware that their computer is infected. (Payload being the term anti-virus software companies use to describe the actions that will be carried out by the virus).
These days, e-mail viruses usually delivered as an executable attachment (.exe extensions). Clicking on the attachment will immediately launch the application or in this case, the virus. Common types of file formats or file extensions are doc (text files), xls (Microsoft Excel), zip (compressed files) and scr (screen savers).

Types of Computer Viruses
File Infector Virus
A block of code that attaches itself to other programs and is able to copy itself into subsequent applications that the user runs.


Boot-sector Virus
Viruses that infect parts of the hard disk that is read and executed by the computer when it starts up (the boot sector).


Macro Virus
These use other application's macro programming to distribute themselves. They infect programs such as Microsoft Word or Excel.


Trojan Horses
A program that performs some unexpected or unauthorized, usually malicious, action, such as displaying messages, erasing files or formatting a disk. It does not reproduce.


Worms
A computer worm is a self-contained program (or a set of programs) that can spread functional copies of itself or its segments to other computer systems. Propagation usually takes place via network connections or e-mail attachments.


Script virus
Written in script programming languages such as VBScript and JavaScript. These viruses make use of Microsoft's Windows Scripting Host to activate themselves and infect other files.


Malicious Java Codes
Java applets are small, portable programs embedded in HTML pages. They run automatically when the pages are viewed.



How a PC Virus spreads

E-mail attachments
Files downloaded from the Internet such as freeware and shareware
Shared network files
Demonstration software or pirated software
Diskette swapping

Top 10 Viruses reported to Sophos in August 2002

Position Last Month Virus Percentage of Reports
1 1 W32/Klez-H 17 %
2 3 W32/Yaha-E 6.4 %
3 Re-entry JS/NoClose 6.4 %
4 4 W32/Badtrans-B 5.3 %
5 5 W32/ElKern-C 5.1 %
6 New W32/Higuy-A 2.7 %
7 New W32/Datom-A 2.4 %
8 6 W32/Magistr-B 2.1 %
9 Re-entry W32/Sircam-A 1.9 %
10 Re-entry W32/Nimda-D 1.6 %
Others 49.1 %

Virus Hoaxes

Virus hoaxes are false information on viruses that do not really exist. It contains false virus alarms, warning the users on the next big virus attack. Users could receive virus hoaxes from direct emails, duplicated email forwards and other Internet postings. These viruses contain misleading information that creates panic or gives wrong advice to users to do self-damage to the system such as advising users to delete system files. In addition to mere annoyances, virus hoaxes could lead the users to routinely ignore genuine virus warning messages, leaving them vulnerable destructive virus attacks.

Position Hoax Percentage of Reports
1 JDBGMGR 14%
2 Budweiser frogs screensaver 6.9%
3 A virtual card for you 6.2%
4 Hotmail hoax 6.0%
5 Nigerian letter 5.9%
6 Bill Gates Fortune 3.9%
7 Frog in a blender/ Fish in a bowl 3.7%
8 JS/Exploit 2.7%
9 Meninas da Playboy 2.4%
10 Mobile Phone Hoax 2.3%

Antivirus Measures

1. Backup Data
Always save your data in a separate backup medium such as a floppy disk, CD-R/CD-RW or cartridge tape. Keep your data in manageable sizes and delete unwanted files. Do multiple copies of important data that you cannot afford to lose. Do regular checks on the backup data to ensure that they are error free and restore the data to a different folder to ensure that they are recoverable.


2. Inform Users to Minimize the Spread
When a virus is detected, please inform your IT administrator to minimize the spread. Identify the sources you received the virus and alert them. If you have spread the virus, identify the affected parties and alert them on the virus.


3. Antivirus Scanning
Have the antivirus software installed into your PC. Learn how to use it effectively without having to solely rely on your IT administrator. Update all antivirus software regularly with the latest virus pattern. Enable real time virus scanning and perform periodic virus scanning.


4. E-mail and its attachment
Generally, e-mails without attachments are safe to read. E-mails that contain executable extension attachments such as EXE, COM, etc could carry a fatal virus. A general rule is to not open attachments from unexpected e-mails, e-mails from unknown, suspicious or untrustworthy source.

Although threats from computer viruses have lessened considerably, we must not totally ignore the damage that it can do. Spend a little and get good anti-virus programs for your computer or company today. All it takes is one infected computer...