Computer viruses take turn for worse



Posted on Sunday, December 09 @ 10:32:49 PST Source: FostersOnline

When the Goner virus was first discovered Tuesday, officials at Network Associates, a computer security company in Santa Clara, Calif., were scanning about 1,000 of the computer-fouling files an hour sent for inspection from infected customers.

But Craig Schmugar, a virus research engineer with the company, said by Friday computer users were taking steps to counter Goner and the company was scanning only about 250 files per hour.

While viruses are not new, they have grown in destructive power.

The Goner virus is an example of one of these new, more virulent strains.

The destructive program deletes critical files for any security or anti-virus program installed on a computer. Without anti-virus software or an updated version, users are vulnerable.

With the protection rendered useless, an unauthorized person can enter the computer at a later date.

Also, once active on the machine, the virus affects Microsoft’s Outlook and Outlook Express e-mail programs on computers running Windows, which may not allow them to work properly.

Experts say an anti-virus program will greatly reduce the chance of a home user’s computer becoming infected.

"Pick up a copy and update it regularly. It is one more solution to be secure," said Art Farnham, president of Atlantus Systems Inc. of Dover.

In 1987, when a virus infected ARPANET, a large network used by the Defense Department and many universities, the market for anti-virus programs started growing rapidly.

But viruses continue to take their toll. In 1998, a virus known as Chernobyl affected more than one million computers in Korea resulting in about $2 million in damages.

The dirty dozen

A listing of some of the more pernicious viruses over the last twenty years.

1981: First viruses, affecting Apple II systems.

1986: Brain virus. Probably the earliest virus to effect IBM-compatible machines. Takes up unused space on a floppy disk, but does not damage the hard disk.

1987: Christma.exec. A very early worm specific to IBM mainframes that copies itself thousands of times and clogs e-mail systems.

1991-92: Michelangelo. The first highly publicized virus that destroys all information on a disk on March 6, Michelangelo’s birthday.

1995: WM.Concept. The first macro virus which distorts commands in Microsoft Word. Macro is a symbol or key that tells the computer to perform a series of functions.

1996: Laroux. The first serious virus to infect Microsoft Excel. Infects and destroys all files created with the program.

1998: W95.CIH. Also known as Chernobyl, the virus destroys the data on a disk rendering the machine inoperable. Technicians say it is very difficult or impossible to restore an infected machine.

1999: Melissa. Clogs e-mail servers and causes documents to be spread to other users. This may cause sensitive information to be released.

2000: Loveletter. There are more than 80 variants of this virus that renders dozens of files unreadable.

2001: Code Red. Prevents users from accessing the Internet.

2001: W32/Sircam. Malicious code searches through select folders and mails potentially sensitive files.

2001: Goner. Deletes security programs, such as firewalls and anti-virus programs from a system. Makes the system more vulnerable to other viruses and threats from outside users.

Such viruses are a far cry from the early ones which were mostly nuisances and harmless pranks. Early viruses might have caused a message to be displayed when a certain key was struck, but little else.

Those who create viruses no longer need to know technical computer languages to cause havoc in a computer system. Rather they visit underground Web sites to download programs to create the destructive programs.

"More are trying it because (viruses) are simpler to write. They can just point and click," said Candy Alexander, New England chapter president of the Information Systems Security Association.

Currently there are roughly 57,000 known viruses and every two to three months a new one is released.

Alexander said while many companies maintain rigid controls to protect their systems from viruses, most of the problems are caused by home users who pass it on to one another via e-mail or tainted disks.

Experts said the best way for a computer user to protect a system is to buy an anti-virus program and update it weekly. The updates, which are typically downloaded from an Internet site, alert the anti-virus program to new threats and keep them out of the computer.

"The home user needs to take some precautionary measures," Alexander said.

For between $30 and $50, computer users can buy an anti-virus program. If a computer becomes infected, repairing and retrieving lost data can cost users between $50 to $500.

"Keep calm if your computer has been infected by a virus. Panic does not get rid of a computer virus," said Daniel Murphree, who operates Agape Computers in Laconia.

He said many viruses can be removed with little or no data loss. Users have little to worry about if they install an anti-virus application and continue to update it weekly, he said.

It also is easier to repair the damage done by a malicious program when you have a backup of your computer software and important data, Murphree added.

To keep from getting a virus, experts advise that people not open unexpected e-mail attachments, even if the sender is someone familiar.

"People have to be self-disciplined ... If there is any doubt, just delete it," said Jim Cerny, an information technologist at the University of New Hampshire.

Once on a machine, Goner as well as other recent viruses will scan a user’s e-mail address book and mail itself to the people listed. The recipients may not be aware that a virus has been sent to them.

"They piggyback on other programs," Cerny said. "Some have a payload to do something nasty."

Only if the e-mail is opened will it be activated and infect the computer.

Once on the system, the virus implants itself in the computer, replicates itself and executes whatever it was programmed to do.

David Longo, owner of Hampton Computer, said viruses can destroy software programs such as Microsoft Word or render internal parts inoperable.

"They can render a system useless," he said.

Longo said viruses have come a long way in their development. They now can destroy computers, allow hackers access to sensitive information and bring systems to a halt.

Cerny said one of the earliest major viruses was a worm in 1988 that spread over much of the Internet. The infection caused computers to become overloaded with information and stop working.

An infected computer my take two to three days to repair depending on the severity of the infection.

Farnham said in an incident four years ago, he had about seven computers networked together that became infected within three hours of receiving a virus. The whole system had to be shut down for several days to clean the network.

Virus detection, prevention tips

Do not open any files attached to an e-mail from an unknown, suspicious or untrustworthy source. Save the file to a floppy disk and scan it first.

Delete chain e-mails and junk e-mail. Do not forward or reply to any to them.

Exercise caution when downloading files from the Internet. Make sure that the source is a legitimate and reputable one.

Update your anti-virus software regularly.

Back up your files on a regular basis. If a virus destroys your comoputer’s files, at least you can replace them with your back-up copies.

When in doubt, always err on the side of caution and do not open, download, or execute any files or e-mail attachments.

Source: McAfee.com

Longo said while he has not seen the Goner virus, several months ago he serviced a computer that had been infected with a similar virus. He had to reload everything onto the hard drive, a device the computer uses to store data.

Reinstalling the software on a computer can be an all-day affair. Whatever has not been placed onto a disk for backup may be lost forever.

Virus programmers cooperate with each other and share information, Alexander said.

"Another hacker can take (an old virus) and make it better. It becomes more dangerous and more destructive," she said.

She said some programmers create viruses because they are looking for a technical challenge or to prove their level of skill to friends.

These programmers, called "script kiddies," surf the Internet for sites where they can grab copies of viruses to tinker with or exchange information about how to defeat virus protection.

Alexander said while she was recently doing some reconnaissance on the Internet, she found one such underground Web site.

Virus programmers already are planning their attack on Microsoft’s new operating system, Windows XP, she said.


Back to Virus Page
Back to Tech Page
Home