There's a Virus Going Around
Note: This is the first in a series of technology updates by former Inc. senior writer Anne Stuart. Future columns will explore topics such as "spam," videoconferencing, cell phone messaging, and smart business use of online auctions.
Slammer. Klez. Bugbear. Bubbleboy. Lirva.
Those sound like names for characters in kids' cartoons, but they're neither funny nor harmless. They're computer viruses. And they're increasingly common.
Over the past decade, virus-writers worldwide have created and released about 80,000 viruses, worms, Trojan horses and other "malware" programs, according to Graham Cluley, senior technology consultant for antivirus software vendor Sophos Inc. (www.sophos.com) And about 600 to 800 new variations crop up every month, although, typically, only a few cause widespread or serious headaches.
What exactly is a virus? It's tiny, malicious software program designed purely to disrupt or damage computers.
What exactly do viruses do? Some simply display odd messages or images. Many -- including the famous Melissa virus -- perpetuate themselves by sending infected messages to everyone in a user's e-mail address book. Others gobble memory or storage space, making systems sluggish. Some corrupt files -- for instance, changing spreadsheets or chewing up text documents -- or erase them entirely. Some alter Web pages. Some reformat hard drives, block user access, or cause systems to freeze. A few disable security measures or open secret "holes" into computer networks, providing hackers with easy access.
Like their biological counterparts, computer viruses can spread fast, attack systems silently, and cause a great deal of pain. In January 2003, the SQL Slammer worm circled the globe in less than an hour, infecting 75,000 computers in 10 minutes. Slammer, which paralyzed computers running Microsoft SQL Server 2000, temporarily shut down South Korea's telephone system, knocked out thousands of Bank of America automatic-teller machines, and slowed credit-card transactions worldwide.
How much financial damage can viruses cause? It's tough to find reliable numbers about the costs of virus attacks because some effects -- for instance, decreased productivity and unrealized business opportunity -- are tough to quantify. In addition, many companies simply won't share information about security-related losses.
Following are several ways you can prevent or minimize the impact of virus attacks in your business:
Install antivirus software on every computer. That includes laptops and PCs in remote offices. Encourage employees to use antivirus programs at home as well, especially if they use their own computers to connect to your network. In addition, consider protecting e-mail gateways with software that automatically blocks all incoming messages carrying executable code -- but keep in mind that those filters may also capture legitimate business communications with harmless attachments as well.
Keep antivirus programs current. With new viruses popping up regularly, it's critical to make sure you've got the latest protection. Most leading solutions can be set to periodically update themselves online; you can also do the job manually to respond to new threats.
Launch a company-wide prevention campaign. State-of-the-art security measures won't protect your company unless everyone uses them. A single employee can unintentionally infect the entire network by opening a booby-trapped e-mail attachment or installing contaminated software. Make sure everybody knows and follows these basic virus-prevention procedures:
- Always delete junk e-mail messages -- ads, jokes, chain letters -- without opening them. More than 85 % of viruses infect businesses via e-mail, according to the International Computer Security Association's (www.icsa.net) annual Virus Prevalence Survey released in March 2003.
- Never open e-mail attachments from strangers. And even those from people you know should be scanned with software that might spot viruses forwarded unintentionally.
- Be selective about downloading and installing software. Know the source and scan the files before running any new program.
- Get knowledgeable about pranks and hoaxes. Phony virus alerts waste almost as much time as the real thing. When you get a forwarded e-mail message breathlessly proclaiming some new threat, check it out at Vmyths (www.vmyths.com) or on other virus information sites before responding.
- Regularly update Microsoft products. Many viruses attempt to exploit vulnerabilities in Windows, Outlook, Internet Explorer, and other products by the giant software empire. Microsoft's security page (www.microsoft.com/security/) provides alerts, "patches," and advice for both home and business users.
- Back up. Back up. Back up. At work, store files on both PC and network hard drives. At home and on the road, copy important files to CDs or floppies. Begin backing up entire systems nightly or weekly, perhaps storing an extra copy of critical information offsite. Look into Web-based storage services such as Connected Corp. (www.connected.com), Easyspace's Easyarchive (www.easyspace.com/services/easyarchive.html), and Elephant Backup (www.elephantbackup.com).
The computer-virus universe changes constantly, with, according to some estimates, about 20 new viruses surfacing every day. You can't vaccinate your computers against all of them. But with vigilance and commonsense caution, you can strengthen your company's electronic immune system, making it much more likely to survive an attack.
Antivirus Program: Software that detects and removes viruses from computer hard drives. Such programs must be updated regularly to add profiles for the thousands of new viruses that appear every year; updating can often be handled quickly online.
Trojan (or Trojan Horse): A malicious program in disguise, named for the giant wooden gift horse the Greeks used to conquer their Trojan enemies. Trojans appear benign, entertaining, or even useful, but actually conceal viruses that can harm systems. Backdoor.BO (also called Back Orifice) is among the best-known examples.
Virus: A malicious software program used to deliberately infect a computer system. Typically, viruses are concealed in existing programs and activated when those programs are executed. Viruses often cause damage by replicating themselves, causing systems to crash, or by attacking or attaching themselves to other programs. Stealth viruses remain hidden or change themselves after executing so that they can't be detected. Well-known viruses include Melissa and Bubbleboy.
Worm: A type of virus that replicates itself and gobbles up computer memory but cannot attach itself to other programs. Well-known worms include Klez.H, LoveLetter (sometimes called "IloveYou"), Bugbear, and Lovgate.
The following books, all available from Amazon (www.amazon.com) and other booksellers, offer generally easy-to-understand information about computer viruses:
Securing the Network from Malicious Code: A Complete Guide to Defending Against Viruses, Worms, and Trojans, by Douglas Schweitzer (John Wiley & Sons, 2002). Offers sound, practical, comprehensive advice from a security expert. Updates provided on a companion Web site.
Malicious Mobile Code: Virus Protection for Windows, by Roger A. Grimes (O'Reilly & Associates, 2001). Focuses on defensive strategies.
Viruses Revealed, by David Harley, Robert Slade, and Urs E. Gattiker (McGraw-Hill/ Osborne Media, 2001). Explains what viruses are, how they work, where they come from, how to prevent them, and how to deal with them. Includes case studies. Also available as a downloadable, searchable e-book.
The following Web sites provide comprehensive information about viruses, worms, and similar threats:
About.com Antivirus Software Guide
News, glossary, encyclopedia of hoaxes, links to vendors and other resources.
CERT Coordination Center, Carnegie Mellon University
A wealth of information on all aspects of computer security at work and at home.
CNET Virus Alert Center
News on current threats, advice on PC protection, links to free resources, and antivirus software vendors.
Computer Security Institute
Major membership organization for technology-security professionals; Web site contains articles, reports, and links to additional resources about viruses and other security issues.
International Computer Security Association (ICSA) Labs
Independent arm of security vendor TruSecure Corp. (www.trusecure.com) offers "vendor-agnostic" testing and research. Web site contains constantly updated virus alerts, white papers, studies, an annual Virus Prevalence Survey, and more.
National Institutes of Standards and TechnologyComputer Security Resource Center Virus Page
Information, links to other resources and antivirus software vendors.
Safe-computing advice for both network administrators and individual users.
Independent antivirus advice, news, profiles, and resources.
Supersite for information on virus myths and hoaxes.
Following is a sampling of major antivirus software vendors whose offerings include products, services, and information targeted to small and growing companies:
Command Software Systems Inc.
Founded 1984; now part of Authentium Inc. Offers antivirus software for home users, large companies, and small businesses. Web site's Virus Center includes news, alerts, a glossary, research, e-mail newsletters, and other information.
Computer Associates International Inc.
Founded 1976. Offers antivirus software for businesses. Web site's Virus Information Center contains alerts, encyclopedia, and an extensive glossary.
Founded 1989. Offers antivirus and security solutions for home users, large companies, and small and growing businesses. Network Associates Inc., McAfee's parent company, provides free virus alerts, updates, update on hoaxes, and other information.
Panda Software Inc.
Founded 1990. Offers antivirus software for home users, large companies, and small and growing businesses. Web site includes Virus Information Center with virus encyclopedia (including "Top 5" current threats), hoax updates, tips, and other resources.
Founded 1986. Offers antivirus software for companies of all sizes. Web site includes a rich collection of analyses, articles, updates on hoaxes, and alerts, including monthly "Top 10" virus list.
Founded 1982. Offers firewalls, antivirus software, and other security solutions for home users, large companies, and small and growing businesses. Web site provides free virus alerts, library of virus information. Customers can download anti-virus updates from home page. Provides updates on hoaxes.
Trend Micro Inc.
Founded 1988. Offers network antivirus software and other security products and services. Web site includes virus advisories, encyclopedia, prevention tips, and additional information. Also offers a free online cost-analysis calculator for determining potential financial impact of virus attacks.
Send feedback, column ideas, and tech tips to email@example.com.
PRINT THIS ARTICLE