Virus+Protection

The ICT threat

Threat: Malware ● malicious code that includes viruses, worms, and Trojan horses ● can pose a threat via instant messaging (IM) or e-mail How They Attack: ●They may appear in an IM or e-mail from someone you know to trick you into opening them. ● They may not have symptoms of infection, but they may be silently gathering information. ● Some may reduce performance or cause strange behaviours by your computer like a spontaneous reboot. What to Do: ●Open only attachments that come from trusted sources and that are expected. ● Have attachments scanned by anti-virus software prior to opening. ● Delete all unwanted messages without opening. ● Keep security patches up to date. ● Do not send files over IM.

Threat: Spam ●unwanted or unsolicited electronic messages ●can pose a threat via IM or e-mail How They Attack: ● Spam is a serious security concern as it can be used to deliver Malware. ● Messages that do not include your e-mail address in the TO or CC fields are common forms of spam. ● Some spam can contain offensive language or links to websites with inappropriate content. What to Do: ● Install spam-filtering/blocking software. ● If you suspect an e-mail is spam, do not respond; just delete it. ● Disable the e-mail preview pane and read e-mails in plain text. ● Reject all instant messages from persons who are not on your buddy list. ● Do not click URL links in messages or e-mails unless they are from a known source and expected.

Threat: Spyware ● malicious software designed to intercept or take partial control of a computer’s operation without your consent ● can pose a threat via surfing the WWW How they Attack: ● Many free programs downloaded from the Web install software that tracks your behaviour and displays unwanted advertisements. ● Some web pages will attempt to install spyware when you visit them. What to Do: ● Use a firewall to block unsolicited requests for outbound communication. ● Do not accept or open suspicious error dialogs from within the browser. ● Spyware may come as part of a “free-deal” offer. Do not accept “free-deals.”

Threat: Vulnerabilities ● flaws in computer software that create weaknesses in the overall security of the computer or network ●can pose a threat via IM or surfing the WWW How they Attack: ● A vulnerability in the web browser may create a weakness in the computer security, providing an opportunity for some websites to download malicious code. ● Most instant messages still travel unencrypted across the Internet, exposing private conversations to anyone who can find a way to listen in. What to Do: ● Install product updates and security patches before using the Internet. ● Keep web-browser and IM software up to date with the latest patches. ● Make sure your computer is configured securely. ● Protect yourself with a personal firewall.

Print Page 300

QUICK BYTE

SPYWARE

The term spyware got its current meaning in early 2000. The founder of Zone Labs, Gregor Freund, used the term in a press release for the ZoneAlarm Personal Firewall. A 2004 study by AOL and the National Cyber-Security Alliance found that 80 percent of computers had some form of spyware, with an average of 93 spyware components each. Eighty-nine percent of those surveyed reported that they did not know that there was spyware on their computers. Ninety-five percent said they had not given permission for the spyware to be installed.

Protecting against Viruses

The effects of viruses can be devastating, especially when they result in the loss of data and files. Because businesses rely so heavily on computers these days, they are very much at risk, so it is no surprise that they invest in virus protection systems.

The best way to protect your computer is to make sure viruses cannot get to your computer in the first place. You can protect yourself from viruses by doing the following:


 * using anti-virus software and a firewall


 * backing up your files regularly


 * protecting your computer with a password


 * locking it when not in use

Anti-virus software can be used to scan your hard drive(s) and other storage media to locate and destroy viruses. Companies that sell this type of software have updates available at their Internet sites. New viruses are detected daily. These companies post updated definition files on their websites for users to download. Some anti-virus software programs provide automatic updates if you choose to enable them. Always keep your anti-virus software up to date. Outdated anti-virus software leaves you open to attack from new viruses. Most importantly, run this type of software regularly. If you do happen to get a virus, this software will usually help you remove it.

Scan all disks and CD-ROMs you receive with anti-virus software before using them. When you download software or files directly from the Internet, always check to see if they are infected before you run them. For safety, scan downloads with anti-virus software before you run or install them. A firewall is a piece of software that prevents certain information from entering or leaving your computer while online. Many anti-virus software programs include firewalls, as do some operating systems. When kept up to date, they can be very effective in blocking viruses.

Regularly back up your files onto CDs, disks, or other removable storage devices, or upload them to a secure site online. Regular backups are important in case a virus attack destroys the files on your hard drive. You may choose to back up daily, weekly, monthly, or less frequently. How often you back up your work is a choice about how much data you are willing to lose! Lock your computer when you are not using it so it can be accessed only by a password. You may practise safe computing, but do others who have access to your computer?

When using a computer at school or at a library, log off whenever you leave your workstation. You never know who might take your spot and what they might do while posing as you.

Print Page 301

INVESTIGATE IT! ETHICS

COMPUTER VIRUSES KEEP HACKERS INFORMED

An emerging breed of computer virus that keeps hackers informed about the latest weaknesses in computer networks has been discovered by security experts. The viruses infect a network, scan for security vulnerabilities, and then report back to hackers through an Internet chatroom. All this extra information allows hackers to fine-tune their attacks or perhaps even target an individual computer within a network. These viruses are called vulnerability assessment worms.

This ability of vulnerability assessment worms to scan their hosts for unpatched security holes and report their findings back to hackers has gone largely unnoticed until recently. One example is SpyBot.KEG, a worm discovered in February 2005. It reports nature of vulnerabilities back to its author via an Internet Relay Chat (IRC) channel-a type of online chatroom.

Kevin Hogan, senior manager at Symantec’s Security Response division in Dublin, Ireland, says that the volume of new viruses is so vast because the source code for many programs is posted online, allowing anyone to make their own variant. Kevin says that good firewall defences will prevent hackers from succeeding at using vulnerability assessment worms. He says IRC has proved the downfall of many of these hackers. Once the genuine IP address of the IRC channel host is known, tracking the hacker is not too difficult.

Questions


 * 1)  Define what vulnerability assessment worms are, and give an example.


 * 1)  Create a flow chart to show how a hacker uses vulnerability assessment worms.


 * 1)  What can people or organizations do to protect themselves from vulnerability assessment worms?


 * 1)  Knowing how vulnerability assessment worms work, think of at least one way that organizations might use them to their advantage.

REVIEW IT! AND DO IT!


 * 1)  In what way do computers pose a threat to a user’s security?


 * 1)  What is a firewall?


 * 1)  What is malware? How can you catch it?


 * 1)  What are the most common ways that a virus is transmitted?


 * 1)  Explain what computer vulnerabilities are. Describe how malicious software takes advantage of them.


 * 1)  Name and describe three strategies you can use to protect yourself against viruses.


 * 1)  Using a search engine, work with a partner to locate reviews for two different anti-virus software programs. Together, create a poster-sized chart that compares the two programs, including benefits, costs, and disadvantages. Include graphics where appropriate, and cite your sources correctly.