What is a Virus?

The most commonly referred to malicious software is a computer virus. Viruses reproduce replicas of themselves infecting files, programs or sectors of your disk. Viruses perform malicious activities such as: block off your hard drive reducing available space; take up CPU time just to slow down your computer; corrupt data thus ruining files; displaying unwanted things on your screen; sending spam to your contacts; stealing information; or logging your keystrokes. However, not all viruses can cause harm. The thing that makes a virus different from all other malicious code is that a virus is self-replicating.

Criminals deploying viruses will use targeted methods to deliver their weapon. This is the second standout characteristic of a virus. Criminals building viruses know exactly who their intended victim is. They therefore study there intended victim. They research their victims deducing the various systems the victims use. They then craft their virus to exploit known vulnerabilities in those systems. While studying their victims they will craft delivery methods they know will entice the victim. The most commonly used method, because it works most often, is social engineering. An example of social engineering is sending an email from a trusted source that instructs the recipient to do a pretty common task like change a password or read a file.

Taking a look at viruses there are three types of viruses, Resident Viruses, Boot Sector Viruses, and Macro Viruses. A Resident Virus embeds itself in your computer’s memory. While hiding in your computer’s RAM it will run its own code without your knowledge. The virus becomes active whenever the operating system runs, infecting files as they are opened. A Boot Sector Virus affects your systems boot sector. This is the part of your computer system in which information of the disk itself is stored along with the part of your operating system that starts the computer from the disk. The virus will reside in memory until the operating system accesses the boot portion of the disk where the virus infects it. Macro viruses are hidden in the macros of a file created by a program that uses macros such as Microsoft Word, Microsoft Excel, Adobe PDF and others. Macros are helpful automation features designed to perform operations in a document like calculations in a spreadsheet. A Macro Virus infects these types of files.

While there are many types of malicious code with similar behaviors the three behaviors that need to be present to make malware a virus is self-replication, attaches to another program and having a targeted victim. Usually viruses are aimed specifically at an organization by a group of criminals trying to break-in for the purpose of stealing specific information. In a paper by Fred Cohen from the University of Southern California titled “Computer Viruses – Theory and Experiments” that was published in 1984 he states a theoretical compression virus was an example of a virus which was not malware, but was regarded as benevolent.  This paper is also the first paper to call a self-reproducing program a “virus”. However, because the first malicious code, Creeper, ever written was a virus along with the public notoriety of WinVir topped with Hollywood’s categorization of a computer virus, all malicious code is referred to as a computer virus by the general public.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s