Monday, November 20, 2000		Lead Article

Virus attack: you could be next 
by Vipul Verma

IT is a universal truth that good and evil co-exist. The same applies to the world of computers. There is an immense productive power in computer software, while the evil software program called virus has devastating capabilities. A computer virus is a small program created intentionally to affect the normal computer operations. Though small, it can prove fatal and the effect could range from being a mere annoyance to being lethal.

Virus is not something new to the computer world. Even in 1960s, when computers were first used commercially, presence of viruses was known. At that time a virus was a mere laboratory specimens, used for the purpose of research and development. It however became a menace only after 1980s, when virus builders put it to harmful use. Since then, the numbers of viruses and virus attacks have caused a lot of destruction. There is hardly any computer that has not been affected by virus at some time point of time.

According to a recent study, the number of known viruses runs into thousands of programs. There are some malicious programs known as worms and Trojan horses that are relatively less harmful as compared to a virus. One thing common to all variants of this modern day evil is their malicious code. However, all malicious codes are not viruses. A Worm replicates itself and slithers through network connections to infect any machine on the network and replicate within it, eating up storage space and slowing down the computer. But worms don’t alter or delete files. A Trojan horse does not replicate itself.

It may appear to be as harmless as a screen saver but captures information from the system like user names and passwords and then passes it on to a hacker on a remotely-controlled computer or even controls your computer remotely.

All viruses do not have the same destructive capabilities. There are about 200 to 300 viruses that are considered very deadly. About 74 per cent of all viruses are parasitic that primarily attack executable files (.exe). Another 19 per cent are macro viruses that affect MS Office applications like MS Word, MS Excel and PowerPoint. Only 7 per cent of these are boot sector viruses, which get transferred through an infected floppy. The increasing use of networks has reduced boot sector virus attacks. In the Indian environment, since floppies are still used frequently for boot up operations and data transfer, computers here are prone to boot sector virus attacks.

The most serious threat to a computer comes from parasitic viruses owing to their rapid multiplication. Studies show 5 years ago a chance of receiving a virus over a year was 1:1000. Today the probability has dropped to about 1:10.

How does a virus enter a computer? The entry points for a virus into the computer could be through e-mail, World Wide Web, downloads, infected floppies, infected magazine CDs, or even hacking. However, once you open an infected file or application, the malicious code copies itself onto a file on the system where it waits to deliver its payload — whatever the creator of the virus intends it to do to your system. Once a virus enters a computer it automatically find its way to its proposed destination.

The virus may not start its activities immediately. A virus may remain dormant fora while or till a pre-determined date and then cause an explosion on the intended time and date. For example, the deadly Michelangelo virus was programmed to release its payload on March 6 of any year — the artist’s birthday. There are other viruses that are intended to get activated on Christmas, New Year, etc.

How does one combat the virus threat? Since all entry points for a virus cannot be blocked, precaution is the best alternative. To begin with, do not open e-mails with attachments like .vbs, .exe, .doc, .xls, .shs or .scr. Though it’s not necessary that these files may contain viruses, the e-mail virus normally comes as attachments with these file extensions. Even if you receive a file from a known source with these extensions, either re-confirm from the sender or scan it with anti-virus software. However, don’t ever open any such files in your e-mail client.

As another precaution, ask the sender of e-mail to send an .RTF (Rich Text Format) file rather than a .doc attachment. Similarly, in place of a .XLS file ask for .CSV file that eliminates the risk of macro virus in the mail. Likewise, if you use PowerPoint, you may want to use PowerPoint 7 or earlier as it did not support macros, eliminating the chances of a macro virus.

PKZIP and PKUNZIP utility for unzipping files reduces the risk of virus attacks as compared to self-extracting zip files.

Avoid downloading and collecting screen savers on your hard disk. Remember that there are some very deadly viruses and Trojan horse, which comes with the extension of .SCR, which shows a screen saver.

In order to protect your computer from a boot sector virus, use a floppy only after scanning it with a virus scanner or change the CMOS boot-up sequence from A: C to C. Whenever, there is a need to boot the computer from the floppy or A: drive, always remember to change the CMOS settings back to C:

Always remember to take a back up of your precious data periodically so that in case the virus enters a computer and causes destruction, you can restrict your loss.

Besides all this, it is necessary to use a quality virus scanner that is capable of detecting and removing the virus. Some good virus scanners are McAfee, Dr Solomon anti-virus, Norton Anti-virus, Panda Antivirus, PC Ciline and AVP Pro. Keep your virus scanner updated so that it can scan for new viruses.

Last, but not the least, keep an eye on any information that becomes available from time to time regarding the security patches in the Internet browser and e-mail clients. Use of the latest and up to date security patches also prevents the intrusion of viruses to a large extent.