
On the origin and evolution of computer viruses

Trend and industry analysts say that the propagators’ efforts will not let up. Last year marked the first mobile phone virus, and Bluetooth technology, for example, compounds security threats. 35% of PCs in the US are infected, while in China and India the rates are as high as 50%.

Experts in the security field report that the first virus spread as early as 1981. However, Fred Cohen wrote in his seminal article that the first virus was conceived as an experiment on November 3, 1983. Since then, viruses and malware have plagued and wreaked havoc among computer systems around the world.

Risks through the Internet

With the arrival of advances in communications such as the Internet, mobile telephony and Bluetooth (a short-range radio technology that simplifies wireless communication between devices such as computers and mobile phones, and that also aims to connect these devices to the Internet quickly and easily), computer viruses have spread at an alarming rate. The downside of such advances is that while previously only a few computers were infected, now thousands, if not millions, are at the mercy of virus writers.

First threats disable 10% of infected computers

In 1987, a large network (ARPANET) used by universities and the US government was infected by a virus. Robert Morris, the son of a computer security expert at the National Security Agency, sent malicious code over the ARPANET, affecting around 10% of connected computer hosts; at the time, there were only 60,000 hosts connected to the network. The code replicated itself and spread through the computers on the network; consequently, the size of the files filled the memories of the computers, thus disabling numerous machines.

An alarming 66% of PCs today are infected by spyware and 35% are infected by viruses in the US. Today, approximately 1.21 billion people (Computer Industry Almanac) are connected to the Internet, with millions of host computers connected to chat, exchange files, send emails and communicate in general. Can you imagine how easy it is to spread a virus or malware?

An anti-spyware developer reports that the malicious spyware infection rate in businesses is approximately 7%, and adware shows up on a whopping 52% of machines. 3-5% of enterprise machines had keyloggers. In homes, the percentages are much higher. The same anti-spyware developer reports that 66% of PCs scanned by its online tool were infected with an average of 25 spyware entities each. If one were to define cookies as spyware, the rate would skyrocket to 88%! Adware was found on 64% of machines. Viruses and Trojans, the company reports, were found on 7% and 19% of machines, respectively.

According to Panda Software, more than 50% of PCs in India and China, for example, are infected with a virus. In the US and UK, the rate is 35%. All in all, this means that many people remain without active protection today.

Antivirus is not enough

In a study by security firm Checkbridge, the company ran 2 million emails through three popular email scanners. None of the programs tested caught all viruses. The success rates of the scanners ranged from 97% to 64%. Checkbridge’s CEO also claims that in many cases, using two scanners at the same time does not guarantee detection of all viruses at all times. Likewise, many computer experts report that the use of two or three anti-spyware programs usually removes 95% or more of spyware.

Security Pillars

How can you protect your system and data in the midst of so many security threats from so many different sources?

Just think, malware (malicious code) has been around for almost 25 years. Every year millions of people and businesses lose substantial sums of money in terms of lost and often unrecoverable data. To top it off, some viruses hog system resources and Internet connections making it impossible to work or play. And this doesn’t include the frustration and anger at not being able to pinpoint the source of the problem.

One of the first steps in protecting your PC is to make sure the operating system (OS) is up to date. This is critical as operating system manufacturers, such as Microsoft Windows, continually update the security features of their products to cover any potential and actual security gaps.

Second, you must have up-to-date antivirus software running on your system. Be sure to pick one of the best on the market today – a few bucks won’t break you, but a virus will. Make sure your antivirus software is updated frequently (sometimes even daily if necessary) with fixes to the actual engine and database files that contain the latest cures against new viruses, worms, and Trojans. Antivirus software should have the ability to scan emails and files as they are downloaded from the Internet to help prevent malware from reaching your system.

Many users use a third component for the security of their home and/or computer system: firewall software. A good firewall prevents unauthorized use and access to your computer from outside sources (for example, hackers or hijackers), as well as giving you additional protection against the most common Trojans and worms. A firewall by itself will not eliminate the virus problem, but when used in conjunction with updates to your operating system, anti-virus software, and information from processlibrary.com, it will give you increased system security and protection.

A fourth component of security is manual intervention. This option can be daunting for any beginner; however, such an intervention will definitely help you fight bland Trojans that may not be removed by your standard antivirus and spyware products.

I’d like to explain two tools that can be used to step in when all else fails: the native Windows Task Manager, which lists all the processes running on your PC, and a good online library that explains what these processes are for and whether they are legitimate or not. Of course, you should use these tools carefully. Press CTRL+ALT+DEL to call Windows Task Manager to help you identify most processes running on your computer; this is a built-in functionality of the Windows operating system. Go through the processes one by one, and then look up the process names in one of the many available process libraries. I use processlibrary.com, but there are many others, including neuber.com, file.net, and bleepingcomputer.com. In any case, these libraries are (typically free) directories of information with search functionality.

With this information, you can immediately identify any potential new threats that may have infiltrated your system. The definitions will help you cover that period of time until your preferred antivirus and antispyware software vendors update their scanners. When you identify an unfamiliar process, simply search for it within the processlibrary.com database and you’ll have an exact definition and advice on what to do.
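Going through every process by hand gets tedious, so it helps to narrow the list to what has changed. The following is an added example, not part of the original article: it assumes you saved a CSV export of the process list (columns Name, ProcessId, ExecutablePath) while the machine was known to be clean, and it goes slightly beyond the text by also flagging a familiar name that now runs from a different folder. The sample rows and function names are constructed for illustration.

```python
import csv
import io

# Constructed sample inventories; a real export would come from the machine.
BASELINE_CSV = r"""Name,ProcessId,ExecutablePath
svchost.exe,912,C:\Windows\System32\svchost.exe
explorer.exe,4120,C:\Windows\explorer.exe
System,4,
"""
CURRENT_CSV = r"""Name,ProcessId,ExecutablePath
svchost.exe,1004,C:\Windows\System32\svchost.exe
SVCHOST.EXE,5520,C:\Users\demo\AppData\Roaming\svchost.exe
explorer.exe,4120,C:\Windows\explorer.exe
updater32.exe,6001,C:\Users\demo\AppData\Local\Temp\updater32.exe
System,4,
"""


def load(text):
    """Return {lowercased name: set of lowercased paths} from an inventory."""
    seen = {}
    for row in csv.DictReader(io.StringIO(text)):
        name = row["Name"].strip().lower()
        # Some system processes report no path; keep them as an empty string.
        path = (row["ExecutablePath"] or "").strip().lower()
        seen.setdefault(name, set()).add(path)
    return seen


def to_look_up(baseline_text, current_text):
    """List (reason, name, path) for processes that were not in the baseline."""
    baseline, current = load(baseline_text), load(current_text)
    findings = []
    for name in sorted(current):
        for path in sorted(current[name] - baseline.get(name, set())):
            # A known name from an unknown folder deserves a closer look
            # than its name alone would suggest.
            reason = "new-path" if name in baseline else "new-name"
            findings.append((reason, name, path))
    return findings


if __name__ == "__main__":
    for finding in to_look_up(BASELINE_CSV, CURRENT_CSV):
        print(*finding, sep="\t")
```

Process IDs change on every boot, so the comparison deliberately ignores them and keys only on name and path.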

Fight spyware, adware, and other forms of malware

In some cases, it is not so easy to realize that spyware and related forms of malware are installed on your system.

In other cases, you’ll almost immediately notice changes to your web browser that you didn’t make. These changes include toolbars you didn’t want installed, different home page settings, or changes to your security settings and favorites list.

Other signs of spyware include pop-up ads that are not related to the website you are currently viewing. Many of these ads are usually related to pornography or emoticons or performance/security optimizers and do not display as legitimate ads normally do. Ads may also appear when you are not browsing the web. Spyware is not only annoying, it slows down your system performance, increases startup time, hogs your Internet connection, and sometimes causes system crashes.

You must install an anti-spyware software package. There are a few good ones on the market and many experts even suggest installing two or three, as a single package may not be powerful enough to find all the entries and changes to your registry and other files made by spyware. Such malware installs itself like any other application on your system, so it leaves traces of itself in registry files and other places on your system. Anti-spyware works by searching for these traces and removing them.

Also be careful what you download from the Internet. Make sure you know the sources you download things from, and even here you need to pay close attention. For example, not all companies that claim their software contains adware are actually just offering adware. There is always the possibility that there is spyware disguised in the program. Be sure to read the privacy policies and license agreements. Also, firewalls should be of great help in the fight against spyware and malware.

New forms of security threats

Malware authors and hackers are always looking for new ways to disrupt the normal functioning of your system and worse, steal your private data. Cross-site request forgery (CSRF) is a form of attack on a website, also known as session driving. According to leading security experts (e.g., Jeremiah Grossman), this form of attack is rare, but it is a “sleeping giant.”

Here’s an excerpt explaining what CSRF is, taken from an excellent CSRF FAQ: “Cross-site request forgery (also known as XSRF, CSRF, and cross-site reference forgery) works by exploiting the trust a site has for the user. Site tasks are usually linked to specific URLs (Example: [http://site/stocks?buy=100&stock=ebay]) that allow specific actions to be performed when requested. If a user is logged into the site and an attacker tricks their browser into making a request to one of these task URLs, then the task is performed and recorded as the logged in user. Typically, an attacker will embed malicious HTML or JavaScript code in an email or website to request a specific ‘task url’ that is executed without users’ knowledge, either directly or by using a cross-site scripting flaw. Injection via lightweight markup languages like BBCode is also entirely possible. These types of attacks are quite difficult to detect and potentially leave a user arguing with the website/company if the shares purchased the day before were initiated by the user after the price crashed.”
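To make the FAQ's point concrete from the website's side, here is an added example (not from the original article or the FAQ) that models the "task URL" twice: once authorized by the session cookie alone, and once requiring a POST plus a token bound to the session. The in-memory session store and all function names are hypothetical; the order parameters are the ones in the FAQ's example URL.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # per-deployment secret (constructed)
SESSIONS = {}                         # session id -> {"user", "orders"}

def login(user):
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"user": user, "orders": []}
    return sid

def csrf_token(sid):
    """Token tied to one session; the site embeds it in its own forms only."""
    return hmac.new(SERVER_KEY, sid.encode(), hashlib.sha256).hexdigest()

def place_order(session, params):
    session["orders"].append((params["stock"], int(params["buy"])))
    return 200

def buy_vulnerable(cookie_sid, params):
    """The session cookie alone authorizes the task, whoever triggered it."""
    session = SESSIONS.get(cookie_sid)
    return place_order(session, params) if session else 401

def buy_protected(method, cookie_sid, params):
    """State changes need POST and the token, checked in constant time."""
    session = SESSIONS.get(cookie_sid)
    if session is None:
        return 401
    if method != "POST":
        return 405
    supplied = params.get("csrf_token", "").encode()
    if not hmac.compare_digest(supplied, csrf_token(cookie_sid).encode()):
        return 403
    return place_order(session, params)

def demo():
    sid = login("alice")
    # The browser attaches the cookie to any request for the site, but a
    # third-party page cannot read the token out of the site's own form.
    cross_site = {"buy": "100", "stock": "ebay"}
    own_form = dict(cross_site, csrf_token=csrf_token(sid))
    return {
        "vulnerable": buy_vulnerable(sid, cross_site),
        "protected_get": buy_protected("GET", sid, cross_site),
        "protected_post": buy_protected("POST", sid, cross_site),
        "own_form": buy_protected("POST", sid, own_form),
        "orders": list(SESSIONS[sid]["orders"]),
    }
```

Only two orders are recorded: the one the cookie-only handler accepted and the one submitted from the site's own form with a valid token.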

So what is the solution? The solution is to work hard to minimize security threats by using the right tools and by requiring the websites you use regularly to take a similar approach.
