Wednesday, August 13, 2003

Mind Your Viruses

As part of my job description, I am responsible for maintaining a secure computing environment for my customer. While it does give me the perk of being able to browse the Net at any time I like, it also falls on my shoulders to be aware of any potential security threats to the computers under my care. These threats, most of the time, involves computer virus infection and on some rare occasions an intrusion attack to the internal networks. It is part of this job description that I came to know of the recent Blaster worm attacks that are ravaging the computers in the US yesterday. This particular computer worm, while not very destructive in nature, managed to cause substantial chaos to computers connected to the web which had the vulnerability it was designed to exploit. It was a good thing that when the vulnerability was first announced a few months ago, I quickly initiated a patch schedule for all computers under my care or else I would be faced with all the problems my counterparts in the US are facing.

Computer viruses have been around as long as computers became popular with home users. I still remember the old DOS viruses like Michelangelo that used to prey on unsuspecting boot sectors of old. Back then, computer viruses most probably would have be transmitted from using an infected diskette or from installing some file someone downloaded from a computer bulletin board. These types of viruses are almost extinct today due to the decline of diskette usage popularity and boot sector security features of today’s operating systems. In their place, new classes of computer virus that use social engineering methods to propagate across the multitude of computers on the web have begun to emerge. These new breeds of computer viruses are much more challenging to fight as they use human frailties to ensure their continued survival and success.

One thing to know about the computer viruses today is that it is totally harmless on its own. Much like their biological counterparts in the world, computer viruses need to piggyback on another executable component before it can begin to cause any damage. Most common delivery practice is to include virus codes into document macros or executable files that are sent through the email architecture. These emails are usually worded with the intention of getting the unwary recipient to download the attachment and running them on their computer. Most often than not, these infected attachments will then proceed to make changes on the victims computer to ensure that copies of itself gets distribute to other computers connected to the same network and hope that it reaches a similarly gullible person who would begin the cycle anew. Depending on what it was designed to do, the potential of damage these computer viruses can cause grows exponentially with every computer it gets executed on.

I truely believe that all the automated computer virus detection and protection system in the world would be worth a damn if the computer user continues to ignore common sense in dealing with unsolicited email. The most common answer that I got from computer users who got infected by viruses by running these attachments was that they were curious about the file that came attached to the email. Although they have been reminded time and time again of the old cliché of how curiosity killed the cat, there are always those who choose to ignore the reminders and execute the infected files. I don’t actually care how popular one is in the office but would some lonely stranger in the US really send you a love letter that comes with a screensaver executable? I am still astounded by how many people actually fall for this trick.

As long as there are gullible people using the computers who continue to ignore the reminders from their friendly IT staff, the potential of computer service disruption due to computer virus infection will continue to be a possibility. The anti-virus protection software that we have in the market today can only protect us from known computer viruses as long as the users keep them updated on a regular basis. Having anti-virus software installed on your computer doesn’t immunize it from virus infection as long as the human component of the computer equation is still ignorant of the methods being used to spread computer viruses. Although I appreciate that these clueless computer users are effectively making sure that my job continues to remain relevant, I would rather that they learn their lesson quickly and save us all the grief of having to deal with computer viruses.

Of course with the over-exposure of this type of computer worms and viruses in the media today, the computing environment is poised to meet the next evolution progeny of the computer virus. When everyone is sufficiently educated and proficient on ways of avoiding current computer virus infection, someone out there on the Net would surely design a better virus. We don’t know yet what the next generation of computer virus might look like but I have a feeling that they would use the Web as their chosen method of transmission. The technology now exist to easily run executable commands the moment a website is visited and the instructions on how to do something like that are frighteningly simple to obtained. I have yet to see this kind of virus in real life but I would bet that it is out there somewhere on the Net just waiting to be unleashed.

No comments: