Don't Forget Your Vaccination!
What's New in Technology
Don't Forget Your Vaccination!
What is a virus?
A virus is a program that attaches itself to another program or file. When the infected file or program is opened, the virus goes to work replicating itself and attacking whatever program or file types it was designed to attack.
While the preceding definition is very simplistic, it contains the two main objectives of a virus it is designed to replicate itself many times and it is designed primarily to attack one computer. However, with all of the file swapping going on these days, the practical effect is that a virus may be transmitted to many computers.
How are viruses transmitted from one PC to another?
In its 2000 survey on the subject, ICSA Labs (International Computer Security Association) found the method of transmission from one computer to another has changed greatly in the past few years. In 1996, about 74% of the viruses were transmitted between computers using diskettes. Today, 87% of virus infections come from e-mail attachments while only 6% come via diskette.
How prevalent are these little bugs?
Viruses are proliferating rather quickly. The ICSA Labs report for the year 2000 reflects a substantial increase in virus infections over the last five years. In 1996, the infection rate was only 10 computers out of 1,000. In 2000, the infection rate was 91 computers out of 1,000. That represents a compounded annual growth rate over four years of approximately 75%. Can you think of any mutual fund manager who wouldnt love to report those results over a four-year period?
If these numbers dont impress you, think about the cost of virus attacks. The survey asked for reports from companies based on virus disasters or viruses that attacked 25 or more computers. Direct costs of recovery from those questioned ranged from $10,000 to $120,000. The ICSA estimated that the actual cost, including lost productivity, would range from $100,000 to $1,000,000.
While these represent costs for larger companies, think about the lost productivity when all of the computers in a three-computer shop are down because of computer viruses. If that represents your business, you know that even a little downtime can be devastating.
What kind of bugs am I likely to meet?
Lets give you a few definitions.
As we said, viruses are computer programs designed to attack files and programs in one computer. They might replicate rapidly to every file or program on the machine, or infect spreadsheets and documents slowly as the files are opened or created.
Viruses can either be benign or malignant . Benign viruses generally do little damage except display an annoying message at a pre-determined time or slow down computer performance. Malignant viruses, on the other hand cause damage to computer systems by infecting a file and then waiting for a trigger event to cause the damage.
Boot sector viruses are activated when the machine first starts or boots up. They generally sit in memory, waiting to attack files or programs that are loaded into memory for processing.
File viruses attach themselves to program files with extensions like .Com, .EXE and sometimes .SYS, .DRV, .BIN or .OVL. When the program is started, the virus is activated.
Macro viruses attach themselves to Microsoft Word or Excel files and are executed when the files are opened. How often have you received a Word or Excel file from a colleague and innocently opened it? Around here, we do it quite often.
In addition to viruses, there are also worms and Trojan Horses. Worms are specifically designed to move from one computer to another without being detected. The prevalent use of e-mail, TCP/IP and other networking technologies enable worms to leave their initial home and branch out to all computers on the network. A Trojan Horse is a program with a hidden agenda. Typically, the program, once executed, causes some form of significant damage to the system.
So, where can I get a vaccination for these bugs?
The short answer is that you will never be fully vaccinated from all viruses. Just as with the flu, new strains and forms of viruses, worms and Trojan Horses are appearing all the time.
The best defense against these bugs is to set up a good offense of software programs and system policies and procedures.
First, you should obtain an anti-virus software that has been ICSA certified. ICSA Labs maintains a current listing of certified programs.
Your second offensive measure depends entirely on the human factor. Not only must you install anti-virus programs, you must keep them up-to-date. As we previously said, new bugs are appearing all the time. This means new protections against them must be developed on a continual basis. Most good anti-virus software allows you to set up your computer for automatic downloads of new virus definitions. You should use these capabilities and, if not available, establish a routine of downloading new virus definition files at least semi-monthly.
This procedure should be observed on every computer that has anti-virus software. You can only do this by establishing a policy of requiring employees to obtain the most recent virus definitions, or providing the files yourself.
Third, warn users to NEVER open an e-mail from someone who is unfamiliar to them and/or from familiar parties with unusual subject headings. Some viruses can automatically mail themselves to everyone in your address book.
With the advent of flu season, it seems we are also faced with computer virus season. While you cant protect against attack 100%, some very good programs exist to help you and your employees protect against costly computer viruses. Proper use of software and policies to guide the human element in an IT system will afford you the maximum protection against computer viruses.
As always, we stand ready to help you design your virus defenses. Give us a call and let us help you have an uneventful virus season.
In the meantime, have a truly joyful holiday season and a happy and prosperous new year!
These articles are intended to provide general resources for the tax and accounting needs of small businesses and individuals. Service2Client LLC is the author, but is not engaged in rendering specific legal, accounting, financial or professional advice. Service2Client LLC makes no representation that the recommendations of Service2Client LLC will achieve any result. The NSAD has not reviewed any of the Service2Client LLC content. Readers are encouraged to contact their CPA regarding the topics in these articles.