Computer Viruses

What are computer viruses?

Computer Viruses (also called “malicious programs,” “malware,” etc.) are small computer program parts that trigger unwanted actions and can have a wide variety of effects on your computer system:

  • At their most harmless level, viruses are just a nuisance or confusing, such as unusual actions that do not damage your data.
  • Other viruses use your system by abusing programs, e.g., using your e-mail program to send e-mails to all addresses in your address book or stealing them.
  • Some viruses spy on passwords, change files or, in the worst case, destroy entire systems.
  • For some time, widespread viruses encrypt your data and the data in your administration. The decryption key is then sold (ransom goods; ransom = blackmail).

So the range is wide. Around a thousand new viruses are released every day. The damage

caused by viruses has long been in the millions.

Computer Viruses Types

The generic term “malware” (“mal” = English for “damaging”) is often used for all types of viruses. A distinction is made between different types of malware or viruses:

File viruses:

File viruses represent the classic form of a computer virus. They attack certain files, such as executable programs, and multiply when these program files are called.

Trojan horses:

So-called “trojans” are used to smuggle other malicious programs, such as bots, onto your computer, for example, to spy on data and passwords, to open the system unnoticed for access from outside, to use your computer for attacks on other systems, or your Encrypt data and then blackmail you.

Worms:

The “worm” type of virus is an independent, self-replicating program that prefers to spread in networks and tries to disrupt its work. Their risk potential is comparable to that of file viruses and Trojan horses.

Bots:

Bots (an abbreviation for “robots”) are independently working computer programs that are active without the user having to do anything. This is problematic if they act in secret. A bot “hidden” in the PC will attack websites or “steal” data on your computer.

Hoax:

A hoax is not a virus but a kind of “bad joke,” often in the form of a chain letter. You can see an example of a chain letter in the upper left corner.

Only when it is passed on to others does the intended effect of a “virus” unfold, namely the “automatic” mass spread. Chain letters are mainly found in social networks.

Possible damage from virus infection

Depending on the virus, the damage caused is very different. In the past, the main aim of the attack was to disrupt system functions, e.g., by:

  • Consumption of system resources such as disk space or line capacities
  • System performance reduction
  • Changing or deleting system files

Viruses usually target unwanted actions, such as secretly sending spam e-mails. It is often also about spying on data or using the computer as a platform for attacks on other systems (so-called denial of service attacks).

Computer Viruses can be dangerous when they sneak in unnoticed and, for example, spy on the system and authority network for internal information unnoticed for weeks or months. Supposedly unimportant jobs like clerical processing are also affected as a “gateway.”

Some Trojans claim that your computer has been used for illegal purposes by displaying a large image. The Federal Criminal Police Office blocked him and could release him again against a “fine payment.”

Some Trojans encrypt your hard drive and demand “ransom.” The only thing that often helps is setting up the computer from scratch. Still, other programs misuse your computer to use its computing power without being asked.

Nowadays, people often talk about “botnets” and “hijacked” computers or “zombies.”

Here is a brief explanation of how this works:

  1. A first attacker spreads a virus widely and infects multiple computers.
  2. The infected (“hijacked”) computers (“zombies”) log on to a server (unnoticed by the user) and together form a network (“botnet”).
  3. A second attacker (e.g., spammer) rents access to the bot network control from the first.
  4. The second attacker gives the botnet a task (e.g., “Send ads for XXX!”).
  5. The hijacked computer and the other zombies carry out the task covertly and await further orders.

Pathways of infection

Viruses reach their destination in different ways

  • The main route of infection is email. Under certain circumstances, a virus can become active just by reading an e-mail (e.g., if the auto preview is active). It is particularly dangerous to open sent files.
  • A virus can also become active by launching files you download online. Sometimes even calling up an infected website is enough.
  • The internal authority network can also be the starting point for viruses. They can exist in saved documents or program parts and spread automatically via connected network drives or send them themselves.
  • External storage media such as USB sticks can contain viruses – even originals from the manufacturer or the USB stick from helpful colleagues may be infected. Smartphones and digital cameras connected to the government network can also transmit viruses.
  • A risk that should be considered is when exchanging data via smartphone, USB stick, or portable hard drive between the home PC and the computer in the office.

Some administrations, therefore, close USB sockets on the computer mechanically or by software. Respect this to protect the administration and your devices!

Risks and damage

Risks increase with connection to the Internet.

Whenever data is transferred to a computer from outside, there is a risk of virus infection. With the increasing use of the computer as a communication medium, the risk of viruses also increases. Once connected to the Internet, there is a 100% chance of a virus attack.

That means: Without a virus scanner, an infection is practically unavoidable!

The impending damage can be considerable:

  • If a virus attack destroys data, your administration may incur high costs when restoring it. If spied data becomes public, your organization can suffer damage to its reputation and trust, not to mention data protection violations.
  • Restoring infected systems can be time-consuming and expensive, even if no information is deleted or spied on.

Preventive measures

As in medicine, “prevention is better than cure.”

  • There are specially written programs to clean infected files from viruses, so-called virus scanners.
  • In most administrations, all servers and PCs have a virus scanner that examines incoming e-mails.
  • An up-to-date virus scanner should always protect every private PC.
  • The virus scanner program examines all data on your computer for viruses before it is accessed or saved. It must, therefore, never be switched off.
  • The virus scanner must be set so that all data is always checked for viruses in real-time (“On Access”).
  • Viruses and virus scanner applications (“apps”) exist for mobile devices.
  • The virus scanner must be set to update itself at least daily. If, contrary to expectations, a message appears that the scanner needs to be updated, please inform your IT department directly.
  • In addition, the virus scanner should be set to automatically check the entire system for viruses once a week (“on demand”).
  • Even an up-to-date virus scanner does not offer 100% protection. You should save your data on network drives. Most authorities regularly back them up from there, and they can be restored after damage.

Virus attack – what to do?

Don’t panic – keep calm.

If you suspect a virus has crept in, a quick reaction is required to avoid greater damage.

It is important:

  • Don’t panic!
  • Disconnect the computer from the network, i.e., unplug the cable or switch off the wireless connection
  • Under no circumstances should you carry out your cleanup actions
  • Notify your IT department. She takes care of the next steps to eliminate the virus and restore affected data.
  • If you have access to it, have the most recent backup handy.

About Author

techinfi

See author's posts