Computer Virus
What are Computer Viruses? How do Computer Viruses work?
Everyone talks about computer viruses. There are regular warnings about PC viruses that can silently spread to your computer and cause great damage. But what exactly is a computer virus? What are the chances of eliminating one? And what kind of protection is really effective against them?
Computer Virus definition
The word virus comes from Latin and means “poison” or “slime.” Unpleasant as these terms are, they well describethe consequences when a computer virus infects your PC. In the worst case, a virus can cause a complete system failure.
The origins of the computer virus can be traced back to Fred Cohen, an American who programmed the first PC virus in 1983. It could penetrate other applications and programs almost unnoticed and then spread to other machines. While today Fred Cohen is not a hacker, but a researcher and professor of computer security at the University of New Haven in West Haven, the viral code he developed laid the foundation for many dangerous computer viruses known today.
How does a computer virus really work? Technically, a computer virus is a self-propagating computer program. What is special about viruses, compared with other forms of malware, is that they can spread to your PC without your consent.* A computer virus infiltrates other computer programs and spreads to infect other systems, and it can cause changes to the operating system or damage to other programs. In the process, the end user often suffers data loss or even damage to the hardware. Unlike so-called computer worms, a computer virus usually only spreads locally, much more slowly and therefore causes less damage overall.
How Computer Viruses are made
How is a computer virus created and what is it used for? First of all, computer viruses do not develop on their own, but are programmed, usually to deliberately damage computers, systems or even entire networks.
However, the first computer viruses in history were comparatively harmless. The first known viruses, such as the Creeper virus (1971) or the Ika-Tako virus, were programmed simply to annoy people or draw attention to themselves.
However, other computer viruses that emerged over the years were designed to inflict extreme damage on their recipients.
In addition, there are “well-intentioned” viruses, whose programmers* aim to discover security holes in the systems of certain companies or even in governments. In contrast, the aim is to improve security measures so they can withstand the attack of a PC virus that has more malicious intentions in the future.
There are also so-called “benign” PC viruses, such as the Cruncher virus, which compresses any infected file and thus creates space on the hard disk. However, these types of “benign” viruses are clearly outnumbered.
For programmers*, the advantage of using a computer virus is that it is rarely possible to find out where the virus came from.
Types of Computer Viruses
In general, two different types of computer virus can be distinguished, depending on the route of infection—PC viruses that infect files and viruses that copy themselves in the boot sector. The advantage of boot sector viruses is that they are activated directly at system startup.
Program viruses are divided into non-subscription and subscription viruses. The former are placed at the beginning or end of an executable file. However, the size of the file is changed by the computer virus attachment. Overwriting viruses do not change the size of the file because this type of computer virus overwrites the beginning of the file.
There are also calling viruses, for example, that insert a link type into the file to be infected. This leads to the real virus, which is hidden in the PC.
Protection Against Computer Viruses?
This is a question that employs many people and companies. One thing is certain: complete protection against computer viruses would only theoretically be possible if the PC were completely isolated from outside data. But that would mean avoiding the exchange of files via USB stick, CD or Internet. Therefore, this approach is not very practical.
One effective method in the fight against PC viruses is prevention, which requires caution when dealing with Internet sources. This means, for example, that email attachments or files from unknown sources should not be opened. In addition, you should use a spam and malware filter for your mailboxes.
If computer viruses reach your PC, an antivirus program can detect, block and combat the malware. The antivirus tools available on the market can be divided into three types: Real-time, manual and online scanners.
Real-time scanners run directly on the computer in the background. As their name suggests, they work in real time and constantly scan memory, all programs running on the PC and data traffic. As soon as the antivirus program recognizes the signature of a malicious software, it blocks the user’s access to the targeted data.* They then have the option to move the data to a quarantine directory, delete it or repair it. A quarantine directory is an area on the computer that is separated from the rest of the system. This area is used to check what the software is doing to the operating system—if it is causing damage to the system, the antivirus program removes the malware. The Hornetsecurity Advanced Threat Protection sandbox works on the same principle.
Manual scanners work in a similar way, but instead of being continuously active, they start the process of scanning for a PC virus after a manual request from the user* or when directed by a timer the user has set. The antivirus program then scans all the data on the PC for malicious software and informs the user* of the result.
The unique feature of online scanners is that they load virus signatures and their program code onto the Internet and check the data on the PC depending on the information found. To use an online scanner, there must be an Internet connection. Online scanners are often used in conjunction with installed anti-virus software.
Important: Since new forms of computer viruses with new virus signatures are constantly being created, anti-virus tools must always be kept up to date. It also makes sense to continuously update the operating system installed on your PC because there are often security holes in outdated operating systems that are a target for computer viruses. These security holes are often corrected in patches, which is why regular updates are so important.
Another form of virus detection is vaccination, where data is recorded in certain sections and stored in a special file. During subsequent checks, the last saved file is compared with the current status. If a discrepancy is found between the two files, the program alerts users to a possible computer virus infection.
In principle, it is advisable to make backup copies of all files so as not to lose data irretrievably in the event of a computer virus.
Protecting Your Email Inbox
Computer worms often infect computers through email, like for example, through a phishing email. You can protect yourself from this by identifying the threat before the malware is on your computer. This works for companies, for example, with Hornetsecurity Spam Filtering and Malware Protection or Advanced Threat Protection against threats.
Case Law on Computer Viruses
The consequences to hackers for causing the spread of a computer virus are not clearly formulated in the law. In Switzerland, for example, programming or spreading a computer virus and exploiting it is punishable by up to five years in prison. In Germany and Austria, there are no precise regulations on this subject and the legal situation is more unclear. In any case, changing data in someone’s computer system with a virus is a punishable offense, but the exact penalty can vary depending on jurisdiction.
How to improve IT security with Security Awareness
Employees are on the first line when attackers try to exploit technical or human vulnerabilities. By training your employees companies reduce the risk of becoming a victim of phishing attacks. The Security Awareness Service from Hornetsecurity offers automated Security Awareness Training and phishing simulations.
Visit Our Knowledge Base
Did you like our contribution from the knowledge database on the subject of Computer Virus? Then you get to the overview page of our knowledge database here. There you will learn more about topics such as Emotet, IT Security, Cryptolocker Ransomware, phishing, GoBD, cyber kill chain and computer worm.