Since the very beginning of human life on this planet, we have been dealing with biological viruses and infections of one sort or another. Now, in the digital age, a new sort of pestilence has emerged — the computer virus, along with a host of related electronic pathogens. As with their older “wet ware” cousins, computer viruses can cause trouble ranging from minor inconvenience to epic disaster. And, just like with “real” viruses, a whole host of strategies and tactics are needed to protect against infection, mitigate the damage done during an attack, recover from disease, and rid the infected systems of lingering germs.
The cornerstone of any effective anti-virus strategy is knowledge. The more you know about computer viruses, how they work, and how they spread, the more able you will be to protect yourself and your systems from problems.
What is a computer virus?
A virus is a computer program that is designed to spread. The ability of a program to replicate and spread itself is the defining characteristic of a virus.
There are related phenomena, which we’ll cover in this article, that aren’t viruses. Additionally, there are many different types of viruses, which can be categorized in different ways — by the way they spread, and also by the way in which they compromise a computer system.
There is a lot of overlap in these different categorizations. For example, there is a type of computer program that hides itself from your computer’s internal detection system. This is called a “rootkit.” Not all rootkits are viral. In fact, not all rootkits are even necessarily malicious — some are built into a system’s firmware by the hardware manufacturer. But some rootkits are definitely malicious, some are used to hide other malicious software, and some are designed to self-replicate and spread, which makes them viruses.
Many people call all these different bad computer programs “viruses,” even the ones that aren’t technically viral. Additionally, viruses and other malicious programs are often grouped together with the idea of being “hacked,” or attacked directly. Many people who experience computer viruses will say, “I’ve been hacked” or “My email has been hacked.” It’s helpful to have a handle on what these different terms actually mean, because that will help you understand the general ecosystem of malware.
A short malware glossary — different types of computer viruses
Malware is the general word used to describe all types of malicious or unwanted software that gets onto a computer system without the owner’s or administrator’s knowledge or consent. There are a lot of different types of malware.
Methods of Transmission and Infection
Malware isn’t effective unless it gets onto computers. Knowing how viruses and other malicious programs spread can help you prevent infection.
It’s important to realize that many of these methods work in combination. For example, a virus might use bulk email to send itself to other potential hosts, while disguising itself as a useful program.
Uses of computer viruses and malware
What’s the point of all this? Why would anyone want to infect your computer in particular? Some of the various motivations have been discussed above, but let’s go through all of the different purposes behind malicious software.
First of all, it’s important to remember that 99.99% of the time (or more), malicious software isn’t personally directed. Almost no one cares about your computer in particular — what the malicious parties want is as many computers as possible.
Another thing to keep in mind is that many infection schemes are multi-tiered. For example, a virus which enlists compromised hosts into a botnet might be sent via spam. That spam might be sent via the botnet, and once the computer is infected, it sends out even more spam, trying to build the botnet. Then, the botnet is used to send spam related to phishing schemes. It’s a complicated ecosystem, and sometimes various malware programs are competing for use of the host computer.
Botnet: Criminal Cloud Services
Many viruses enlist their host computer to join a botnet. These are then used for a wide variety of activity — including sending out more viruses. Botnets are typically built up by organized criminal gangs who rent out the computing power of the botnet to other criminal gangs. These arrangements are often multinational operations — for example, many Nigerian phishing schemes are run on top of Russian-controlled botnets.
Government and non-government entities have a strong motivation to collect intelligence, and there is clear evidence that many of them — including the U.S. Government — engage in various forms of network surveillance. At least a portion of that work is accomplished via the use of computer viruses.
Have you ever gotten email that tried to entice you to buy cheap prescription drugs, or refinance your mortgage? What about vaguely worded emails that seem to come from a friend and link to some website? Have you ever won a lottery you didn’t know you entered?
You probably get more spam than you can handle. You also probably get more than you even realize — for every piece of spam email that gets into your inbox, hundreds were blocked along the way.
Most spam is sent by compromised computers — either individually or as part of a botnet. Of course, spam itself is often a transmitter of viruses. The more computers get infected, the more computers can get infected.
Identity Theft and Credit Card Fraud
Most people use their computers to shop, and when most people shop, they enter their credit card numbers.
It is common for people to worry about the security of an online store, or the internet itself — they are concerned that their credit card information might be intercepted en route to the store’s website, or concerned it might be stolen from the store’s database.
Oddly enough, data in transmission between your computer and the store’s website is the least vulnerable. It is almost always encrypted, and so unusable even if the transmission is intercepted.
Certainly store databases are vulnerable — a number of high-profile hacks have been revealed over the last few years. But there is also a vulnerability most people don’t think much about — keyloggers on their own computers.
Some viruses actually track what you type, which includes everything from credit card numbers to passwords to social security numbers. This information is then used by criminals to steal money or to purchase goods.
A particularly nefarious and debilitating attack involves encrypting all the data on an infected computer and then demanding a payment in exchange for the decryption key. The attacker is, in effect, holding the victim’s data hostage.
Payments are usually elicited via Bitcoin or other anonymous payment methods. The ransom demands are usually low enough (a few hundred dollars) that many people consider the payment to be an easier solution than losing the data altogether. To induce swift payment, there is usually a deadline attached to the demand.
Often, data extortion schemes are combined with illegal or illicit content, making it highly unlikely that the victim will seek any legal recourse — they frequently won’t even take the computer to a recovery specialist for help because they fear what the specialist will find on the computer’s hard drive.
Perhaps the worst part of all of this is that sometimes, after paying, victims are never provided with the decryption key.
Cyber terrorism, warfare, and activism
Malware, either directly or via botnets, can be used to disable computers, networks, websites, and other systems. This can take all sorts of forms:
- Distributed Denial of Service (DDoS) attacks — sending an overwhelming number of requests to a website, rendering it unable to respond to legitimate visitors
- Deleting data, or encrypting it to render it unusable.
- Altering the functioning of software.
- Disabling key features.
- Changing content.
Some of this is carried out by military actors (governments, terrorist organizations) as part of a larger campaign of violence. Sometimes it is carried out by activist (or “hacktivist”) groups, such as Anonymous, who attack organizations as part of a protest.
Vandalism (for teh lulz)
Some people create or distribute viruses and other malware for no particular reason other than to cause damage. They might do it to impress other people, or because they think it’s fun to watch other people suffer. They do it for laughs, or “teh lulz” (a deliberately misspelled, clichéd form of the abbreviation “LOL”).
Popular entertainment has made it seem as if the majority of computer viruses and attacks originate from these people — lonely hackers in their moms’ basements wreaking havoc on other people’s lives while drinking soda and playing video games.
It is perhaps true that in the early days of the internet this was at least partially the case. There are even a great number of basement-dwellers today who attempt to project this image of themselves, however inadequate or even non-existent their actual “hacking” chops are.
However, today, the vast majority of viruses and other malware is the product of organized crime, governments, terrorist organizations, and other institutional actors — the lone wolf character is precisely that: a character, a work of fiction.
How to protect yourself against computer viruses and malware
So now you know the bad news. The online world is full of potential viruses, malware, and other nasty infectious programs. But there is good news too. Keeping yourself safe online isn’t all that difficult.
The key to staying ahead of viruses is three-fold:
- Avoid malware before it gets to you
- Get rid of malware once you have it
- Mitigate the damage that malware can do
The most common attack vectors can be avoided if you simply practice responsible internet use.
- Don’t open unsolicited emails or emails that come from people you don’t know
- Don’t open unsolicited attachments, even from people you know, unless you can verify that the sender intended to send the file to you
- Don’t visit websites that contain illicit or illegal content
- Don’t click on links sent to you anonymously
- Don’t click on links sent to you from people you know unless they come with an explanation that verifies they were sent on purpose
- Don’t send emails to people that contain nothing but a link or an attachment — this trains people to think this is acceptable and makes them more likely to click on spam links
- Don’t download files from anonymous file sharing sites
- Don’t use shareware programs
- Keep your software and operating system up to date
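Several of the rules above can be checked mechanically before anyone opens a message. The script below is an added example, not part of the original article: it parses an e-mail message and reports the warning signs the list describes (a sender who is not a known contact, attachments whose file type runs code when opened, a “double extension” such as invoice.pdf.exe that disguises that type, and a body that contains nothing but a link). The message it screens is a constructed sample, the list of known contacts is a placeholder, and the set of risky extensions is an assumption rather than anything the article specifies.

```python
"""Screen an e-mail message for the warning signs in the list above.

Added example; the sample message and the known-contacts list are constructed
placeholders, and RISKY_EXTENSIONS is an assumed (not exhaustive) list.
"""
import re
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser
from email.utils import parseaddr

# File types that execute when double-clicked; attachments with these deserve a phone call first.
RISKY_EXTENSIONS = {".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".ps1", ".jar", ".hta", ".lnk"}

URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)


def check_attachments(msg):
    """Return (filename, reason) pairs for attachments that look dangerous to open."""
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        dots = name.lower().split(".")
        ext = "." + dots[-1] if len(dots) > 1 else ""
        if ext in RISKY_EXTENSIONS:
            reason = "executable file type " + ext
            if len(dots) > 2:
                # e.g. invoice.pdf.exe: the last extension decides what the OS runs
                reason += " hidden behind a double extension"
            findings.append((name, reason))
    return findings


def body_is_bare_link(msg):
    """True when the plain-text body is nothing but a single URL."""
    body = msg.get_body(preferencelist=("plain",))
    if body is None:
        return False
    text = body.get_content().strip()
    return bool(text) and URL_RE.fullmatch(text) is not None


def screen_message(msg, known_senders):
    """Apply the article's rules to one parsed message and return the findings."""
    sender = parseaddr(msg.get("From", ""))[1].lower()
    return {
        "sender": sender,
        "sender_unknown": sender not in {s.lower() for s in known_senders},
        "bare_link_body": body_is_bare_link(msg),
        "attachments": check_attachments(msg),
    }


def screen_bytes(raw, known_senders):
    """Parse a raw RFC 5322 message (e.g. the bytes of a .eml file) and screen it."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    return screen_message(msg, known_senders)


def build_sample_message():
    """Construct a sample message (not a real e-mail) that breaks three of the rules."""
    msg = EmailMessage()
    msg["From"] = "billing@example.net"       # placeholder address, not in the contact list
    msg["To"] = "you@example.org"
    msg["Subject"] = "Invoice"
    msg.set_content("http://example.net/invoice")   # body is nothing but a link
    msg.add_attachment(b"MZ placeholder bytes", maintype="application",
                       subtype="octet-stream", filename="invoice.pdf.exe")
    return msg


if __name__ == "__main__":
    known = ["friend@example.org"]             # placeholder contact list
    report = screen_bytes(build_sample_message().as_bytes(), known)
    for key, value in report.items():
        print(f"{key}: {value}")
```

A mail filter would apply the same checks server-side; here they are written against the standard library’s email parser so the logic can be run on any saved .eml file.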
Get rid of malware that reaches your computer
Reduce the impact of viruses
The most important thing you can do to protect yourself is to keep your personal data and files backed up. You should have a copy of all of your documents and media stored remotely — either on a separate physical drive or in a cloud-storage service like Google Drive or Dropbox.
Also, if you suspect you have an infected system, you should run anti-virus, anti-rootkit, and anti-spyware programs. However — DO NOT take drastic action such as reformatting your hard drive, uninstalling your operating system, or defragging. Unless you know what you are doing, these actions can often make your problem worse, or make lost data irretrievable. Stop what you are doing and take your computer to a security specialist. (If your computer is still functioning, take the opportunity to back up your files.)
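A backup only reduces the impact of an infection if it is current and intact, so it is worth checking it rather than assuming. The script below is an added example, not from the article: it hashes every file under an originals directory and a backup directory and reports files missing from the backup, files whose contents have changed since the copy was taken (which is how a backup that was silently rendered useless, or originals that were altered after the last copy, show up), and files present only in the backup. The directory trees it checks are constructed in a temporary folder; the directory names are placeholders.

```python
"""Check that a backup still matches the originals, file by file.

Added example; the two directory trees built in demo() are constructed
placeholders, not real user data.
"""
import hashlib
import tempfile
from pathlib import Path


def hash_tree(root):
    """Map each file path (relative to root) to the SHA-256 of its contents."""
    root = Path(root)
    digests = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            h = hashlib.sha256()
            with path.open("rb") as f:
                # read in 1 MiB chunks so large media files do not need to fit in memory
                for chunk in iter(lambda: f.read(1 << 20), b""):
                    h.update(chunk)
            digests[path.relative_to(root).as_posix()] = h.hexdigest()
    return digests


def compare_backup(source, backup):
    """Report what differs between the originals and their backup copy."""
    src, bak = hash_tree(source), hash_tree(backup)
    common = src.keys() & bak.keys()
    return {
        "missing_from_backup": sorted(set(src) - set(bak)),
        "changed_since_backup": sorted(p for p in common if src[p] != bak[p]),
        "only_in_backup": sorted(set(bak) - set(src)),
    }


def demo():
    """Build two small constructed trees, alter the originals, and compare."""
    with tempfile.TemporaryDirectory() as tmp:
        source = Path(tmp, "documents")   # placeholder for the live folder
        backup = Path(tmp, "backup")      # placeholder for the separate drive or cloud copy
        for d in (source, backup):
            (d / "photos").mkdir(parents=True)
            (d / "notes.txt").write_text("shopping list\n")
            (d / "photos" / "cat.jpg").write_bytes(b"\xff\xd8 constructed jpeg bytes")
        # What the originals look like some time after the copy was taken:
        # one file has been overwritten with unreadable contents, one is new and never copied.
        (source / "notes.txt").write_bytes(b"\x00\x13\x37 unreadable")
        (source / "taxes.pdf").write_bytes(b"%PDF constructed")
        return compare_backup(source, backup)


if __name__ == "__main__":
    for key, paths in demo().items():
        print(f"{key}: {paths}")
```

Run against a real folder pair, a non-empty “changed_since_backup” list for files you have not edited is the signal to stop, keep the backup offline, and get help, as the paragraph above advises; an empty report is the confirmation that the copy is actually usable.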
The real world is a dangerous place — germs, viruses, bad people, spores, molds, and fungus. But we have mostly adapted — most of us wash our hands, get our shots, take our vitamins. We carry umbrellas and we lock our car doors. Taken altogether, these simple actions add up to a relatively high and stable level of safety. Yes, things still happen, but our personal level of risk is usually very low.
The same is true of the online world. It is a dangerous place. There are viruses and worms, there are hackers and vandals. People are trying to steal your credit card information or break into your email system. But all it takes is a fairly simple set of practices — the online equivalent of remembering to wash our hands — to reduce our overall risk. As in life, we can never be 100% safe, but we can get close enough.
We aren’t helpless. We can adapt.