Friday 4 January 2013

Viruses, Worms and Trojan Horses

Ask anyone about them, and they will tell you that computer viruses can be a problem. I conducted a quick straw-poll amongst some of my friends (ok, they're geeks too, so it might not be the most representative sample) and almost everyone told me they had a virus at least once in their home computer. However, only a couple could tell me how they caught them, or the difference between the 3 types of malicious programs - Viruses, Worms and Trojan Horses.

Viruses are malicious programs that are attached or embedded  within files or  programs (hence their name). Almost all viruses are attached to an executable file, which means the virus may exist on your computer but it cannot infect your computer unless you run or open the malicious program. A virus cannot spread without people using them or passing them on. They most commonly exist as email attachments. 

Worms are slightly different. Although very similar to viruses in their ability to cause damage to computers and their files, they do not require people to exchange them, as they exploit any system that allows computers to exchange information. Once infected, a worm may take your email address contact list and send thousands of emails - all with the worm attached. Worms can grow exponentially, very quickly. Read about the most famous worm here and here.

Trojans Horses (more commonly know as 'Trojans') are designed to mimic useful programs - like file-sharing or even anti-virus programs. The user downloads, installs and runs them under the belief that they are getting legitimate software. However, they are far from the truth. Trojans can be used for many purposes. Some make you believe that your computer is infected with viruses and puts you in contact with a help desk who charges you a lot of money to "fix" the "problem". They also likely to be used to spy on the user, extract information from the computer, or gain remote control over it.

As these programs have got more sophisticated, the difference between Viruses, Worms and Trojans has been blurred. Programs have been designed to use multiple modes of transport. A worm may travel and spread through many routes including e-mail, IRC and file-sharing sharing networks. It may also do a number of things - like damage files, then install a back-door that allows remote control of the computer or access to the data. The most advanced versions create botnets.

Botnets are worm programs that spread and work together to build a network of computers that can be controlled by an individual. These networks can be used to attack internet based services.



So, how do you avoid these problems? You take a layered approach:
  1. Educate your users about risky behaviour
  2. Block malicious websites
  3. Do not mix business and personal use on computers
  4. Keep operating systems up to date
  5. Firewall your systems and networks
  6. Regularly scan your computers using antivirus software
  7. Keep your list of virus definitions up to date

No comments:

Post a Comment