-------------------------------------------------
Computer Viruses are a major threat to business information systems

April 23, 2013

Computer Viruses are a major threat to business information systems Computer viruses are programs that infect your system and multiply. Viruses have many symptoms: some can simply slow down your computer whilst others can have more severe effects like moving documents and/or deletion of documents or programs. No matter the severity of the virus and its symptoms they should be dealt with by an up-to-date anti-virus program and security software, as systems with out-of-date protection are more susceptible and at risk. I agree that computer viruses are a major threat to business information systems because it is a way for hacker to gather useful information about a company and harm them. According to CNN workplace computer virus infections are up forty-eight percent over last year due to the increased spread of macro viruses usually found in files attached to E-mail, according to the International Computer Security Association, Inc.
The number of infections per one thousand personal computers was twenty-one point fourty-five in nineteen ninty-seven; it's now at thirty-one point eighty-five, said the ICSA, in Carlisle, Pa. The study is based on a survey of some 300 corporations and corporate sites, representing some 750,000 PCs and servers.
The rising virus epidemic can be blamed on macro viruses in Microsoft Word documents sent as attached files over the Internet. But it's not only the ease of sending infected documents that is increasing the number of infections; it's that writing a macro is so simple, said John Wheat, who works in the virus area of ICSA.
"Word viruses are so easy to write," Wheat said. "You purchase a copy of MS Office, and you have all the tools you need," he said.
Aside from ensuring that antivirus software is updated, IS departments can also instruct users to open any E-mail attached a Word file in WordPad and save it as a Rich Text Format file. That process will remove the macros, Wheat said, and the file can then be reopened in Word, he said.(CNN.com)
Computer viruses are most commonly passed through interaction over the internet, whether they are attached to (or are disguised as) downloaded files or emails sent from friends with already compromised systems. Viruses can be passed from computer to computer without the owners knowing they are passing them along.
There are 3 basic types of viruses: Trojan Horses, Worms and Email Viruses.
Trojan Horses – A Trojan – named after the Greek army’s tactic of hiding their soldiers in a giant wooden horse that was sent as a gift to the city of Troy (In Homer’s epic Illiad) – disguises itself as a document or file of interest, e.g. a sound-bite or song for a music lover, a new patch for an MMO or game for gamers or a picture/video. These viruses do not multiply but rather make your computer’s protection weaker and thus makes your system more susceptible to viruses and other kinds of malicious software.
Worms – The Worm-style of virus is a program that, once inside your system, multiplies and scans for flaws or loop-holes in your security systems and protection. The Worm-style virus attempts to spread itself through a large network by taking advantage of the loop-holes and flaws that it finds or sending itself through the intranet of the network to other computers.
Email Viruses – Email viruses use (as suggested by the name) emails to send itself to other computers and spread itself, they often forward themselves from infected computers.
Prevention and protection from these types of viruses are simple; usually an up-to-date anti-virus software and security program is all that is needed. Recommended companies that supply anti-virus software and other protection/security programs are AVG, Symantec, Avast! And Sophos.
Anti-Virus software is a useful tool against viruses, which is a given. Having been specifically designed to combat the viruses, any good A-V software will regularly scan, at routine intervals that you can set, your computer, stored files and hard drives for viruses. Most decent A-V software will give you several options, allowing you to enact a scan at your discretion, the depth of the scan and connects you, through the software and internet, to a database which stores data on the viruses found on a fellow A-V user’s computer. Another feature most A-V software gives is the automatic scan of any files you download through your web browser, or the option to scan any file you already have downloaded on to your system. Downloading from the internet is risky, you can never be sure of where the file is coming from. Viruses, as stated above, can be, and often are, disguised as files of interest for certain people to fall foul of.
As well as receiving viruses through an email system, which are usually disguised as a file attached to an email from an unknown sender or random contact, there are other problems associated with email systems. These problems are things such as: files not attaching to emails, mail from misrepresented or unknown users and inappropriate content in junk-mail. (www.spamlaws.com)
Also I feel that when you are at work you should not check your personal e-mails because a virus can only spread from one computer to another when its host is taken to the uninfected computer via a network, Internet or a removable device. However, viruses can easily spread by attachments in e-mail messages, instant messaging messages, funny images, greeting cards, They can also be hidden in illicit software or other files or programs that you might download. (Microsoft)
So keep in mind Be careful when you click that "send" button on your office computer. The e-mail message you send could come back to haunt you. Just ask former and current employees of Enron.
As part of its investigation of the scandalized energy giant, the government collected massive amounts of evidence — including more than 1.6 million e-mails to and from Enron workers. And now, all of those messages have been posed on a public, government Web site.
Most of the electronic notes have to do with the highly technical business of trading energy. Some of the messages have to do with human resources, like reminding workers to get flu shots.
But plenty of the e-mail is personal. Very personal.
There are the messages arranging for sailing and skiing trips, as well as messages complaining about the job and so forth.
Then there are more steamy messages.
In one, an e-mailer cryptically writes to an Enron worker, "So, you were looking for a one night stand after all." In another e-mail, someone else ironically wrote: "I hate calling your cell phone. You never know who is there."
If only the writer knew who would be reading his or her e-mail now.
And that's a lesson that all Internet users can learn from, says Internet privacy expert Parry Aftab.
"Think before you click 'send,' " says Aftab."If it's something you don't want read by others, don't do it at work, don't do it by e-mail."
But the lesson is even more important to office workers, says Aftab, because it help shatter a common myth: using the office PC for personal business is OK.
Aftab says most companies use so-called "acceptable use policies" that tell workers flat out they're not supposed to have personal e-mail on their office computers. "You're not supposed to do things like sending [e-mails] to your kids or having romantic e-mails because [the companies] have the right to monitor them," says Aftab. (ABCNews.com) Companies can make a huge impact on reducing viruses in their workplace by encouraging their employees to take computer etiquette courses. They should understand that worldwide problem exists with spam e-mail. Laws have been passed in the United States and in other countries to reduce the abuse of the Internet caused by people who send millions of unwanted e-mails. Several recent high-profile cases have sent the spammers to jail or charged them very large fines. Spam hurts everyone who uses the Internet because it clogs e-mail servers and frustrates people who use e-mail responsibly when they have to delete 1/2 or more of their e-mail because it's spam. Unwanted spam e-mails may contain advertising, offensive material, viruses, ad-ware, spy-ware or simply clog up the mail servers and people's inboxes. Let your employees know that they as well as managers can help prevent infecting company computers because most average computer users are not well prepared to deal with Adware, Spyware, Phishing or Spam. If you work for a company or non-profit agency, contact your Help Desk or Technical Support staff for help if you suspect you are receiving spam or your computer might have adware or spyware. They will usually have special programs that can check your computer for viruses, adware, spyware, trojans and other unwanted software. If your computer is running very slowly or programs are crashing regularly, you may have adware or spyware that is taking all of your computer's resources for itself without your knowledge.
To protect against spam, be very careful about how you and your employees give out their e-mail addresses. If you use newsgroups or post messages to public websites, make sure you use an alternate e-mail address as these are prime targets for automated programs that harvest e-mail addresses then sell them to spammers. Alternate or disposable e-mail addresses can be obtained at any of the free e-mail services. You can change these addresses without jeopardizing the security of your business. Be especially careful about opening attachments to e-mail. Before opening any attachment, be absolutely sure you know what it is and that you know the person sending it. If you are not sure, write back to them and ask them what they sent you before opening the attachment.
Just because an e-mail has a familiar name, doesn't mean it's really from that person. The newer viruses steal e-mail addresses and use them to fool people into opening malicious attachments. Many corporate servers and some Internet service providers have the ability to block the most common types of harmful attachments.
Some companies have spam e-mail filters that will block known junk mail before it gets to you. Some programs allow you to flag each send of spam so that any future e-mail from them will be deleted. There are also programs such as Mailwasher that review your mail on the server before you read it and can be programmed to identify spam for you automatically. You can flag your "friends" so their e-mail is saved for you.
For your home or office computer, be sure you have an up-to-date anti-virus program. Major vendors of good virus programs include Norton and McAfee. These can be purchased online or at business supply stores. The newest versions include protection against the worst forms of Spyware.
Newer web browsers such as Firefox have some built-in features to block malicious programs when you visit websites. Microsoft's Internet Explorer version 6.0 with Windows XP Service Pack 2 contains a built-in pop-up ad blocker that can prevent obnoxious ads, which sometimes lead people to websites with spyware.
Many malware programs target known security weaknesses in Microsoft products, seeking computers that do not have the latest updates installed. Using an alternate browser (such as Firefox or Opera), and alternate e-mail programs (such as Netscape, Mozilla or Thunderbird) can prevent disaster for home computers. Even some large companies are using alternate programs to reduce their security risks.
Not only personal e-mails are harmful but certain sites you visit on your workplace computer are harmful as well. According to Symantec, 20 percent of all blog and Web communication sites are infected with malicious code, 15 percent of hosting sites are infected, and 10 percent of business and economy sites. Surprisingly, a mere 2 percent of pornographic sites are infected. Conventional wisdom would flip that list upside-down. (cbsnews.com) * Blogs and Web communications * Hosting and personal hosted sites * Business and economy * Education and reference * Technology * Entertainment and music * Automotive * Health and medicine * Porn
Obvious sites that most often include malicious programs include porn and gambling sites, lyric websites and any site that requires a file download before it opens. Coupon sites, screensavers and wallpaper sites, survey sites and any email attachments from unfamiliar people are also potentially dangerous. Your employees might think that their personal email, favorite shopping sites and news sites are safe. Unfortunately, almost any site can be dangerous. The games they play as stress relief between projects, those stock market updates, even scheduling a doctor’s appointment for a sick child could result in malicious programs attaching themselves to company computers. Online activity is never really anonymous, especially on work-issued equipment. If they need to hide online activity from you, they shouldn’t be doing it at work.
Even with all of those precautions in place, dangerous sites sometimes hide behind a veneer of authenticity that an employee might not see through. Using antivirus software is the most reliable way to tell if a site is safe. It checks sites before opening them, which prevents your employees from accidentally compromising your company’s personal data. (pacificcommunityventures.org) Computer viruses have been around for a long, long time pretty much as long as personal computing and mainstream software development they've been making international news since the Internet graduated from a researcher's toy to a tool for consumers. While the first virus in this brief history coincided with the birth of the 3.5-inch floppy disk, a lot of the malware we see these days relies on social media or mobile apps for transmission, adequate proof that with any innovation comes an opportunity for exploitation. The twist these days is that more viruses are specifically targeted to steal personal data and make money for their creators, which was not necessarily a goal for many of the virus-writing hackers of the late 1980s and early 1990s. In fact, according to this data, the first money-making computer virus didn't hit PCs until 2003. In the computer security context, a hacker is someone who seeks and exploits weaknesses in a computer system or computer network. Hackers may be motivated by a multitude of reasons, such as profit, protest, or challenge the subculture that has evolved around hackers is often referred to as the computer underground and is now a known community. While other uses of the word hacker exist that are not related to computer security, such as referring to someone with an advanced understanding of computers and computer networks, they are rarely used in mainstream context. They are subject to the long standing hacker definition controversy about the true meaning of the term hacker. In this controversy, the term hacker is reclaimed by computer programmers who argue that someone breaking into computers is better called a cracker, not making a difference between computer criminals (black hats) and computer security experts (white hats). Some white hat hackers claim that they also deserve the title hacker, and that only black hats should be called crackers.
To prevent your computer from being infected by viruses, it's essential to keep your computer current with the latest updates and antivirus tools, stay informed about recent threats, and to follow a few basic rules of safety when you surf the Internet, download files, and open attachments. Always remember not to open an attachment file unless you know who it’s from and what it’s for. (Microsoft)