Computer security threats - Viruses and computer worms
We need to understand that the most efficient hacking systems are not human hackers, but computers themselves. Viruses and trojans remain the most significant security threats - computers are very good at performing repetitive tasks, over and over, without ever getting tired, and therefore infected computers are working round the clock to spread viruses and trojans that they carry, as fast as possible, infecting millions computers around the world and therefore becoming #1 computer security threats today. Needless to say, we have to think about these very high security risks and take the needed computer protection measures, before it is too late.
Let's go through this most risky category of computer security threats and see which are the major subtypes. There are three major categories that cause the biggest damage, that we need to focus on: Viruses, worms, and email worms. Starting with viruses, a virus consists of a piece of executable code hidden inside a file. This file can be a program file, like an infected executable, or even within a document, like a Word doc file for example. Once the infected executable is launched by the user, or the document opened, the virus is activated and it loads itself in computer memory; from that point on it begins searching for storage drives and look for other files that it can infect, and then alter them by adding the infected code to these files. It can spread through boot sectors as well; an infected hard drive and mostly floppy disks were the most common way for viruses to reach other computers and several years ago, when floppy disks were commonly used as a way to exchange data, viruses had a great way to spread from one computer to another. However it is to be observed that this way of spreading around is not the most effective one; there must be some kind of user interaction before the virus is loaded, and therefore if nobody is using the computer, the virus will not be activated.
The second category we need to focus on, are computer worms. This type of computer security threats was very effective years ago when it began to spread around, and remains very dangerous today as well. A computer worm is a sneaky piece of code that has the ability to spread itself over a network (the Internet) and infect other computers, in an unattended mode - no user interaction is needed for the computer worm to spread around. The computer worm works by scanning the Internet and local networks for computers that are affected by certain known security vulnerabilities and bugs. For example, a computer worm known as Sasser was looking for a certain service running on Windows based computers (lsass.exe) and infected the machine by exploiting a certain security vulnerability existing in Windows based computers at the time. The computer worm exploits the security flaw by remotely connecting to a known server port and sending malformed data packets to these opened ports on the remote machine; the remote computer is tricked into executing the code provided in the malformed data packet, usually through a technique known as buffer overrun, and from then on the remote machine is infected and acts as a slave, and starts spreading the computer worm even further; this is why worms can infect millions of computers worldwide, in just a couple days.
Finally, the email worm which is getting more dangerous and comes in various flavours lately. But the way it works is pretty much the same. The email worm is a combination between a virus and a computer worm. It comes trhough an email that contains an attachment, and the attachment actually contains the worm. Such emails are very well crafted, and they usually trick unsuspecting computer users into opening them; therefore there is a point where user interaction is needed when dealing with an email worm. Once the attachment is opened, the worm becomes active and starts doing the harm. What it usually does is infecting various files on the computer, harvesting email addresses from your email address book and sending infected emails to all addresses it can find. Due to the sneaky way it gets into remote computers, email worms are the most dangerous security threat active today.
So far we only covered the way such extremely dangerous computer security threats are spreading around. But there's even more. Some of these viruses are intended to prevent computer users from working; they may suddenly show a countdown, and when it reaches 0 the computer is shut down. Starting the computer again is useless since it will again be shut down. Other viruses and worms slow down the computer and make working with it almost impossible. Finally, a large number of these malitious pieces of code are doing very bad things like deleting your computer data, which can be triggered automatically at a certain date. This security threat makes even clearer for everyone, that we need to be very careful and take proactive measures, to protect our computers from getting infected by such deadly computer security threats, be it a virus, a worm or email worm.
Let's go through this most risky category of computer security threats and see which are the major subtypes. There are three major categories that cause the biggest damage, that we need to focus on: Viruses, worms, and email worms. Starting with viruses, a virus consists of a piece of executable code hidden inside a file. This file can be a program file, like an infected executable, or even within a document, like a Word doc file for example. Once the infected executable is launched by the user, or the document opened, the virus is activated and it loads itself in computer memory; from that point on it begins searching for storage drives and look for other files that it can infect, and then alter them by adding the infected code to these files. It can spread through boot sectors as well; an infected hard drive and mostly floppy disks were the most common way for viruses to reach other computers and several years ago, when floppy disks were commonly used as a way to exchange data, viruses had a great way to spread from one computer to another. However it is to be observed that this way of spreading around is not the most effective one; there must be some kind of user interaction before the virus is loaded, and therefore if nobody is using the computer, the virus will not be activated.
The second category we need to focus on, are computer worms. This type of computer security threats was very effective years ago when it began to spread around, and remains very dangerous today as well. A computer worm is a sneaky piece of code that has the ability to spread itself over a network (the Internet) and infect other computers, in an unattended mode - no user interaction is needed for the computer worm to spread around. The computer worm works by scanning the Internet and local networks for computers that are affected by certain known security vulnerabilities and bugs. For example, a computer worm known as Sasser was looking for a certain service running on Windows based computers (lsass.exe) and infected the machine by exploiting a certain security vulnerability existing in Windows based computers at the time. The computer worm exploits the security flaw by remotely connecting to a known server port and sending malformed data packets to these opened ports on the remote machine; the remote computer is tricked into executing the code provided in the malformed data packet, usually through a technique known as buffer overrun, and from then on the remote machine is infected and acts as a slave, and starts spreading the computer worm even further; this is why worms can infect millions of computers worldwide, in just a couple days.
Finally, the email worm which is getting more dangerous and comes in various flavours lately. But the way it works is pretty much the same. The email worm is a combination between a virus and a computer worm. It comes trhough an email that contains an attachment, and the attachment actually contains the worm. Such emails are very well crafted, and they usually trick unsuspecting computer users into opening them; therefore there is a point where user interaction is needed when dealing with an email worm. Once the attachment is opened, the worm becomes active and starts doing the harm. What it usually does is infecting various files on the computer, harvesting email addresses from your email address book and sending infected emails to all addresses it can find. Due to the sneaky way it gets into remote computers, email worms are the most dangerous security threat active today.
So far we only covered the way such extremely dangerous computer security threats are spreading around. But there's even more. Some of these viruses are intended to prevent computer users from working; they may suddenly show a countdown, and when it reaches 0 the computer is shut down. Starting the computer again is useless since it will again be shut down. Other viruses and worms slow down the computer and make working with it almost impossible. Finally, a large number of these malitious pieces of code are doing very bad things like deleting your computer data, which can be triggered automatically at a certain date. This security threat makes even clearer for everyone, that we need to be very careful and take proactive measures, to protect our computers from getting infected by such deadly computer security threats, be it a virus, a worm or email worm.
This information is provided without any warranties of any kind. Use it at your own risk. Terms and conditions