CHAPTER 1: COMPUTER VIRUSES



CHAPTER 1: COMPUTER VIRUSESOne of the most familiar forms of risk to computer security is the computer virus. A computer virus is a program written by a hacker or a cracker, designed to perform some kind of trick upon an unsuspecting victim’s computer. In some cases, the trick performed is mild, such as drawing an offensive image on the victim’s screen or changing all of the characters in a document to another language. Sometimes the trick is much more severe, such as reformatting the hard drive and erasing all the data or damaging the motherboard so that it cannot operate properly.Types of VirusesViruses can be categorized by their effects, which include being a nuisance, destroying data, facilitating espionage, and destroying hardware. A nuisance virus usually does no real damage but is an inconvenience. The most difficult part of a computer to replace is the data on the hard drive. The installed programs, documents, databases, and saved emails form the heart of a personal computer. A data-destructive virus is designed to destroy this data. Some viruses are designed to create a backdoor into a system to bypass security. Called espionage viruses, they do no damage but allow a hacker or cracker to enter the system later for the purpose of stealing data or spying on the work of the competitor. Very rarely, a virus is created to damage the hardware of the computer system itself. Called hardware-destructive viruses, these bits of programming can weaken or destroy chips, drives, and other components.Methods of Virus OperationViruses operate and are transmitted in a variety of ways. An email virus is normally transmitted as an attachment to a message sent over the Internet. Email viruses require the victim to click on the attachment, which causes the virus to execute. Another common mode of virus transmission is via a macro, a small subprogram that allows users to customize and automate certain functions. A macro virus is written for a specific program, which then becomes infected when it opens a file with the virus stored in its macros. The boot sector of a floppy disk or hard disk contains a variety of information, including how the disk is organized and whether it is capable of loading an operating system. When a disk is left in a drive and the computer reboots, the operating system automatically reads the boot sector to learn about that disk and to attempt to start any operating system on it. A boot sector virus is designed to alter the boot sector of a disk so that whenever the operating system reads the boot sector, the computer will automatically become infected. Other types of viruses and methods of infection include the Trojan horse virus, which hides inside another legitimate program or data file, and the stealth virus, which is designed to hide itself from detection software. Polymorphic viruses alter themselves to prevent detection by antivirus software, which operates by examining familiar patterns. Polymorphic viruses alter themselves randomly as they move from computer to computer, making detection more difficult. Multipartite viruses alter their form of attack. Their name reflects their ability to attack in several different ways. They may first infect the boot sector and then later act like a Trojan horse virus by infecting a disk file. These viruses are more sophisticated and therefore more difficult to guard against. Another type of virus is the logic bomb, which generally sits quietly dormant waiting for a specific event or set of conditions to occur. A well-known example of a logic bomb was the widely publicized Michelangelo virus, which infected personal computers and caused them to display a message on the artist’s birthday. CHAPTER 2: SECURITY RISKSAlthough hackers, crackers, and viruses garner the most attention as security risks, companies face a variety of other dangers to their hardware and software systems. Principally, these risks involve types of system failure, employee theft, and the cracking of software for copying.Systems FailureA fundamental element in making sure that computer systems operate properly is protecting the electrical power that runs them. Power interruptions such as blackouts and brownouts have very adverse effects on computers. An inexpensive type of power strip called a surge protector can guard against power fluctuations and can also serve as an extension cord and splitter. A much more vigorous power protection system is an uninterruptible power supply (UPS), which provides a battery backup. Similar in nature to a power strip but much bulkier and a bit more expensive, a UPS provides steady, spike-free power and keeps a computer running during a blackout.Employee TheftAlthough accurate estimates are difficult to pinpoint, businesses certainly lose millions of dollars a year in stolen computer hardware and software. In large organizations, such theft often goes unnoticed or unreported. Someone takes a hard drive or a scanner home for legitimate use, then leaves the job sometime later and keeps the machine. Sometimes, employees take components to add to their home PC systems, or thieves break into businesses and haul away computers. Such thefts cost far more than the price of the stolen computers because they also involve the cost of replacing the lost data, the cost of time lost while the machines are gone, and the cost of installing new machines and training people to use them. Cracking Software for CopyingA common goal of hackers is to crack a software protection scheme. A crack is a method of circumventing a security scheme that prevents a user from copying a program. A common protection scheme for software is to require the installation CD to be resident in the drive whenever the program runs. Making copies of the CD with a burner, however, easily fools this protection scheme. Some game companies are taking an extra step to make duplication difficult by scrambling some of the data on the original CDs, which CD burners will automatically correct when copying. When the copied and corrected CD is used, the software checks for the scrambled track information. If the error is not found, the software will not run.CHAPTER 3: COMPUTER VIRUSESOne of the most familiar forms of risk to computer security is the computer virus. A computer virus is a program written by a hacker or cracker designed to perform some kind of trick upon an unsuspecting victim. The trick performed in some cases is mild, such as drawing an offensive image on the screen, or changing all of the characters in a document to another language. Sometimes the trick is much more severe, such as reformatting the hard drive and erasing all the data, or damaging the motherboard so that it cannot operate properly.Types of VirusesViruses can be categorized by their effect, which include nuisance, data-destructive, espionage, and hardware-destructive. A nuisance virus usually does no real damage, but is rather just an inconvenience. The most difficult part of a computer to replace is the data on the hard drive. The installed programs, the documents, databases, and saved emails form the heart of a personal computer. A data-destructive virus is designed to destroy this data. Some viruses are designed to create a backdoor into a system to bypass security. Called espionage viruses, they do no damage, but rather allow a hacker or cracker to enter the system later for the purpose of stealing data or spying on the work of the competitor. Very rarely, a virus is created that attempts to damage the hardware of the computer system itself. Called hardware-destructive viruses, these bits of programming can weaken or destroy chips, drives, and other components.Methods of Virus OperationViruses can create effects that range from minor and annoying to highly destructive, and are operated and transmitted by a variety of methods. An email virus is normally transmitted as an attachment to a message sent over the Internet. Email viruses require the victim to click on the attachment and cause it to execute. Another common form of virus transmission is by a macro, a small subprogram that allows users to customize and automate certain functions. A macro virus is written specifically for one program, which then becomes infected when it opens a file with the virus stored in its macros. The boot sector of a floppy disk or hard disk contains a variety of information, including how the disk is organized and whether it is capable of loading an operating system. When a disk is left in a drive and the computer reboots, the operating system automatically reads the boot sector to learn about that disk and to attempt to start any operating system on that disk. A boot sector virus is designed to alter the boot sector of a disk, so that whenever the operating system reads the boot sector, the computer will automatically become infected. Other methods of virus infection include the Trojan horse virus, which hides inside another legitimate program or data file, and the stealth virus, which is designed to hide itself from detection software. Polymorphic viruses alter themselves to prevent antivirus software from detecting them by examining familiar patterns. Polymorphic viruses alter themselves randomly as they move from computer to computer, making detection more difficult. Multipartite viruses alter their form of attack. Their name derives from their ability to attack in several different ways. They may first infect the boot sector and then later move on to become a Trojan horse type by infecting a disk file. These viruses are more sophisticated, and therefore more difficult to guard against. Another type of virus is the logic bomb, which generally sits quietly dormant waiting for a specific event or set of conditions to occur. A famous logic bomb was the widely publicized Michelangelo virus, which infected personal computers and caused them to display a message on the artist’s birthday. ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download