Viruses
By: Artur • Research Paper • 2,603 Words • February 15, 2010 • 770 Views
Join now to read essay Viruses
Computers have become much more important and popular to our society in recent decades. The computer’s ability to perform so many tasks speedily and reliably makes it useful for a wide variety of purposes. Therefore much important information is stored on computers. Because people and organisations depend on computers every day for a variety of significant tasks, it is imperative that the systems which are used are protected from loss, damage and misuse. This essay identifies some potential risks to computer systems and software and the safeguards that can be taken to minimise these risks. A computer security risk is defined as any event or action that could cause a loss or damage to computer equipment, software, data and information, or processing capability. Some of these risks, such as viruses, unauthorised access and use, and information theft, involve deliberate acts, which are against the law. Any illegal act involving a computer generally is referred to as a computer crime.
With the advent of the modern day digital computer, a new methodology of crime has been created. Electronic crime is held partly responsible for wreaking havoc in the financial world. Computer systems are under attack from a multitude of sources today. These range from human threats such as hackers to malicious code such as viruses and worms.
The term hacker, though initially a positive term, has become associated with people who try to break into computer systems. Crackers and hackers typically break into systems
by connecting to them via modems and logging in as a user. Some do no damage, but merely wander around the system before logging off, while others leave some evidence of their presence by either leaving a message or altering data.
Unauthorized use is the use of a computer system or computer data for unapproved or possibly illegal activities. This may range from an employee using the database for personal activities to gaining access to a bank system and completing an unauthorized transfer
Human threats are perpetrated by a person or groups of people who attempt to penetrate computer systems through computer networks, public switched telephone networks or other sources. These attacks generally attack known security vulnerabilities of systems. These vulnerabilities are mainly due to software configuration errors.
Methods used by hackers to gain unauthorised access to systems include password cracking, exploiting known security weaknesses and network spoofing.
Password cracking is a technique used to surreptitiously gain system access by using another users account. Users often select weak passwords. The two major sources of weaknesses in passwords are easily guessed passwords based on knowledge of the user (e.g. wife’s maiden name) and passwords that are susceptible to dictionary attacks (i.e. brute-force guessing of passwords using a dictionary as the source of guesses).
Another type of method to gain unauthorised access is the exploitation of known security weaknesses. Two types of security weaknesses exist: configuration errors and security bugs. Configuration errors occur when a system is set up in such a way that unwanted exposure is allowed. Then, according to the configuration, the system is at risk from even legitimate actions. An example of this would be if a system “exports” a file system to the world (makes the contents of a file system available to all other systems on the network). Then any other machine can have full access to that file system.
Security bugs occur when unexpected actions are allowed on the system due to a loophole in some application program. An example would be sending a very long string of keystrokes to a screen locking program, thus causing the program to crash and leaving the system inaccessible.
A third method of gaining unauthorised access is networks spoofing. In network spoofing a system presents itself to the network as though it were a different system. Network spoofing occurs in the following manner: If system A trusts system B, system C spoofs (impersonates) system B. This allows system C to gain otherwise denied access to system A.
The easiest way to understand what a virus is, is to think of it as a biological virus. A computer virus also needs a host to infect. In this case it infects programs such as Internet Explorer, Microsoft Word or even the computer’s Operating System. As compared to a biological virus, a computer virus may be as benign to your computer’s hard drive as a common cold or as destructive as the Ebola Virus.
Viruses are made up of what is called code. Code is basic instructions that tell the program what to do (i.e. Show a picture, play a song, etc.). The computer virus attaches itself to the code and infects the program. When