The year 2000 saw the creation of the most dangerous and fast-spreading computer viruses ever known. Remember the Lovebug virus courtesy of a young Phillipino hacker? Just now there are around 30,000 of these highly dangerous computer programs out there, all of which are capable of installing themselves and carrying out unwanted attacks on your networks. The question is how can you guard against these ‘invisible’ gremlins? First, it’s necessary to understand the root cause of their development. The old-style mainframe computers had many problems, but virus vulnerability wasn’t one of them. The switch to PC-based networks, usually employing Windows software, changed all that. This environment is far from secure.
Added to that, businesses have come to depend on data from outside their own offices, first supplied on floppy disk and now, commonly, through the Internet. E-mails fly all over the place. And each one of these contacts with some other company’s systems involves the risk of catching a virus.
The fact that most businesses now use the same operating systems and applications has also improved the standard of living for viruses. Macro viruses have evolved, relying on finding Microsoft Office applications to flourish. When you open an infected Word or Excel file, the virus runs as a macro in that file.
The Internet is also to blame. Anti-virus publisher Network Associates believes that the renowned Melissa virus spread worldwide in just six hours. A new twist is the Babylonia Worm virus, programmed to access a web site and download even more viruses to a given individual’s hard drive.
The anti-virus arsenal
The first and most effective line of defence for any organisation is a reliable back-up system. No anti-virus software is 100% effective. A full back-up will often mean downtime and widespread disruption, but it’s worth it.
What of anti-virus software, though? All the major anti-virus software organisations provide regular updates that can be downloaded from their web sites, so keep an eye out. Check these sites weekly at the very least.
The third weapon in the anti-virus arsenal is good procedures. Having anti-virus software will not defend you against viruses if employees switch off the virus software, run programs before checking them or allow programs to run directly from the Internet. Educate end users. All floppy disks must be checked before use. All e-mail attachments must be scrutinised (html-enabled e-mail is particularly dangerous, since html code can include either viruses or links to virus sites).
There are many misunderstandings when it comes to surfing the Internet, and the security aspects that go with that. Most people think downloading files from the Internet is dangerous but it is, in truth, quite safe (as long as the end user doesn’t attempt to install files straight from the World Wide Web).
Since you’re not running a program, you can scan the files with a virus checker before using them. Remember that the provenance of downloaded files is important here. If they’re from a major computer industry site, such as a software vendor’s or a publisher’s, they’re probably safe. If they’re from a personal home page they may well be infected. Even if files are being downloaded from Microsoft’s own web site, check them first.
Java and ActiveX – used to run programs on the web, allowing web designers to add animations and other interactive content to their sites – are more dangerous than file downloads, since they can execute programs on the surfer’s PC. Strangely, many people who are wary about downloads regularly surf with Java enabled. Setting Internet security options to exclude Java is a sensible precaution.
Different types of file have different characteristics. Graphics files don’t carry viruses, neither do rich text format (rtf) files or Adobe Acrobat files (pdfs). This makes both types of file better for sharing information within a given organisation and in any external dealings. On the other hand, PowerPoint, Word and Excel documents can all carry viruses. All should be scanned before opening.
Beware the enemies within
Once a virus has made its presence felt, it can reproduce itself all the way across the organisation within a matter of hours if staff are not used to virus checking all e-mails.
There’s another way in which computer viruses can damage a business – and it has nothing to do with computers. Viruses offer a huge opportunity for self-styled ‘office experts’ to waste time and create inefficiency. Hoax virus warnings are often copied around e-mail networks by people who know no better. A number of web sites (see below) carry lists of hoax and real viruses – it’s easy to check.
The only way in which the IT/security manager can disenfranchise these ‘experts’ is to ensure that every member of the organisation understands what viruses are all about – and how to avoid their proliferation.
Clearly, a proper and thorough educational programme should be the order of the day. It may be a good idea for the security manager to suggest that, if his or her organisation has an Intranet, a virus advice page is added to that Intranet for ‘publicity’ purposes.
