VIRUSES

This page last updated 2014 Sept 25

see also witiger.com/ecommerce/hackers.htm (which includes a description of the Trojan Horse)
This page is used in the following courses taught by Prof. Richardson:
MGT D06, MGM C20
MGT C11
MGD 415, MGD 426
MRK 410
BCS 555

LEARNING OBJECTIVES
After reading this unit and listening to the lecture in class, students will have information about:

    o A glossary of Viruses
    o Virus Protection and business risk
    o What is part of a technical solution to block viruses
    o Safety Commandments to prevent getting viruses
    o Computer E-Mail Viruses
    o The Trojan Horse virus
    o Worm Viruses
    o Cashing In on Virus Infections
    o Legal action taken by some of the major online companies against spammers
    o Netscape's site. There is a short Q&A about viruses and a helpful glossary
    o Examples of a virus hidden in an email

KEY POINTS
It is not the intention of this part of the course to adequately cover all the various types of viruses that may affect e-commerce, since we have neither the time nor the resources to do that satisfactorily. It is important, however, to have some understanding of the business risk at stake here and to evaluate whether it is a serious problem, because if it is, then every e-commerce professional needs to add some degree of understanding about viruses to their portfolio of knowledge.

During the 2nd week in April 2014 (April 15th), Richardson was interviewed by Jacqueline Milczarek live on air for CTV News to discuss the Heartbleed computer bug. Richardson reminded viewers that "the fundamental principle of security is that you don't have to be perfect, you just have to be better prepared than people who made no contingency at all".
http://www.ctvnews.ca/video?clipId=325554

http://www.mcafee.com/anti-virus/virus_glossary.asp This web site is very helpful and you are encouraged to bookmark it and check it for terms you do not know.

KEY POINTS
Is the problem getting worse? At this stage statistics on known virus attacks seem to indicate the problem is getting worse. For the most part, security experts believe the majority of virus attacks are made by unhappy employees and egotistical hackers and crackers - it does not appear to be something that companies are employing against each other to give themselves a competitive edge - but it may not be long before this happens since businesses large and small have been known to use very "illegal and immoral" tactics to gain advantage.

Viruses
"The problem with today's viruses is twofold: Not only can they be easily rewritten to change their signatures and bypass antivirus tools, but they are also tempting attachment types for click-happy users who see nothing wrong with opening mail attachments from trusted sources. "

translated

1. Viruses can change form, so the anti-virus software you installed and obediently updated cannot recognize the new virus as a threat and does not screen it out.

2. Too many people are indiscriminately passing on viruses without following basic security procedures (SOPs).

an article in Computerworld written by Deborah Radcliff
formerly at  http://www.surfcontrol.com/news/articles/content/12_11_2000_cw.html

Viruses: "Virus Vigilance"

So, what is the problem when people don't listen and don't follow proper procedures to protect against viruses?

Radcliff quotes Roland Cuny, chief technology officer at Webwasher.com, an Internet content filtering vendor
Cuny says "Training is not enough. You also need a technical solution,"
 

KEY POINTS
It would seem obviously self-serving for Cuny to say the solution is technical, since his company makes the solution marketed for this, but more and more people seem to be saying that it is hopeless to get IT persons to do the right procedural thing, and that we therefore need software to protect us.

What is part of a technical solution to block viruses?

Radcliff quotes experts saying you can "...set up filters to block executable attachments before they get to desktops. Blocking file types known to carry viruses and Trojan horses (hidden programs) may sound extreme. Bruce Moulton, vice president of infrastructure risk management at Fidelity Investments in Boston said he first reviewed how his company uses these file types. Once he determined that these attachments weren't even used for business purposes, making the decision to block them was easy. "The business impact of shutting out these file types is zero because 99.9% of these attachments that come in are for personal viewing, like animated Christmas cards, movie clips, things like that,"


Apple Viruses

UTM student Emad H. in Sept 2014 emailed to provide some info on the new vulnerabilities that Apple is facing
Emad explains
"As you had discussed in class, Heartbleed virus was a snooping virus which was used
to obtain personal information of individuals. However, like your example of a thief
trying to rob a condo building with his obtained master key would not necessarily go
door by door robbing each home but rather may only hit a few or only specific
individuals.
In the case of Shellshock, it can be used to remotely gain control of any system that
uses BASH. BASH, which stands for Bourne-Again SHell, is a command prompt that can
be found on Linux and Mac OS systems. The magnitude of this virus is estimated to be
much larger than that of Heartbleed, estimated at 500 million computers."

Emad adds
"I think this is the next thing that can truly change security measures since Apple,
which boasts about nearly zero viruses, now has a threat which can not only disable
a computer but also remotely take control of. This can be a serious threat to
businesses and individuals since there isn't really a sufficient patch to combat the
virus."
Article: "Shellshock: 'Deadly serious' new vulnerability found" http://www.bbc.com/news/technology-29361794


Cell Phone Viruses

UTM student Premraj P. in March 2011 emailed to provide some info on viruses in smartphones based on the many apps people are downloading
Prem writes
"I was browsing through news articles when one article caught my attention after our in class discussion on viruses. The article states that viruses are going to become the next big threat to smart phones. I find this to be interesting because it is apparent that most cell phone users are turning towards smartphones because they are essentially built for mobile computing, due to the increase in processor capability, memory and operating system whether it be a Blackberry, iPhone, Google Android, or Windows Mobile. The article by Michael Oliveira
theglobeandmail.com/news/technology/tech-news/viruses-next-big-threat-to-smart-phones/article1928976/
states that viruses are becoming an issue due to the open source nature of downloadable applications. Apps are a large part of having a smartphone because users develop Apps for anything imaginable. The article states that with more users downloading apps it becomes easier for hackers to change codes and infect popular adds that users can download"

Why is this a problem?
Prem explains "The article states that some effects of a virus infected phone include: sending out premium text messages, random advertisement pop ups, and launching random websites. The article also points out that easiest phone to infect so far is Google's Android operating system. I think this is so because Android has a large market share in smartphone usage. The article states Blackberry OS, and iPhones are less attacked due to the strict regulations of applications creation, Blackberrys going through controlled and monitored RIM servers, while Apps on iTunes must meet strict regulations."


Virus Safety Issues and Tips

- FreewareRocks.com® Safety Commandments! -
found by Wadia in MRK 410 March 2004
 

1) Save. No computer is immune to crashes or other events that can take out a work in progress. 
2) Back up. Your important files on a regular basis and store the backup copy somewhere other than on your computer (CD or floppy). This way if a virus does get through and destroy files you can restore them from your back-up copy. 
3) Invest. In software/hardware to create a simple to use system 
4) Install. A reputable virus scanner and keep it updated regularly. Avoid virus, worms and trojans from e-mail or downloads which will cause damage to your programs or hardware. 
5) Use. Antivirus program (at least once a week) as well as every time you download any freeware or software that is shareware. Make sure that it is properly configured for your computer system. Software makers routinely update their virus lists whenever a new virus is discovered, so you will need to update your software with new virus definitions at least once per week. NEVER open any downloaded file unless it has been scanned by anti-virus software with current signatures. 

Here are a few points to remember says FreewareRocks.com. 

Remember:

"A virus can not appear on your computer all by itself. You get it by sharing infected files or diskettes, or by downloading infected files from the Internet. 

Generally, you can not get a virus by reading the body of an email message, they are usually carried in an attachment (e.g., a Word or Excel file). These attachments should be scanned automatically before you read them. 

There are a few things you can do to protect your computer from virus infection.  Most important on the list is to install - update and use a high-quality anti-virus program, and especially be sure to update it regularly. A non-updated Anti-Virus program is outdated and practically useless. Use it to scan any files, programs, software, or diskettes (even new software from a commercial company) before you use them on your computer. 

Never open any attachment with two extensions.  For instance, "iamavirus.txt.vbs" should definitely cause you to raise an eyebrow.  Virus creators use this as a way to disguise their destructive payload.  Many of our computers are set to not display any extensions at all so the double extension rule may not always work."
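
The two filename rules described on this page, blocking executable attachment types at the mail filter and distrusting double extensions such as "iamavirus.txt.vbs", can be combined in one check. The Python below is an added example, not code from this page or from any vendor it mentions; the extension lists beyond .exe, .com and .vbs, the function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions blocked outright. .exe, .com and .vbs are named on the page;
# the others are an assumed, commonly blocked set.
BLOCKED = {".exe", ".com", ".vbs", ".scr", ".pif", ".bat", ".cmd", ".js"}
# Extensions users tend to read as harmless documents (assumed list).
DECOY = {".txt", ".doc", ".xls", ".jpg", ".gif", ".pdf"}


def extensions(filename):
    """Return every dot-suffix of a filename, lower-cased, in order."""
    # Trailing dots and spaces are dropped first, so "a.exe. " is
    # still treated as ending in .exe.
    name = filename.strip().rstrip(". ").lower()
    return ["." + p.strip() for p in name.split(".")[1:] if p.strip()]


def classify(filename):
    """Return (verdict, reason) for one declared attachment name."""
    exts = extensions(filename)
    if not exts:
        return ("allow", "no extension")
    last = exts[-1]
    if last in BLOCKED:
        # A document-looking suffix in front of an executable one is the
        # disguise the double-extension rule warns about.
        if len(exts) > 1 and exts[-2] in DECOY:
            return ("block", f"double extension {exts[-2]}{last}")
        return ("block", f"executable type {last}")
    return ("allow", f"type {last} not on block list")


def scan_message(raw_bytes):
    """Parse a raw message and classify each attachment by its name."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    results = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        results[name] = classify(name)
    return results


def build_sample():
    """Constructed sample message; addresses and file names are made up."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "staff@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    for name in ("iamavirus.txt.vbs", "card.EXE", "report.xls"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    for name, (verdict, reason) in scan_message(build_sample()).items():
        print(f"{name!r:24} {verdict:6} {reason}")
```

Because the check runs on the full declared filename at the mail filter, it still works when desktops are set to hide extensions. It does not inspect file content, so a renamed executable still needs the anti-virus scan.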


Worm Viruses

What does it do?

"Code Red, named for a caffeinated soft drink favored by computer programmers, scans the Internet for other computers to infect, and as more computers are infected the scanning gets more widespread and could slow Internet traffic to a crawl. The worm can also deface sites, though in two of the three known variants no vandalism is apparent to computer users. In last week's hits, some U.S. government sites showed the message ''Hacked by Chinese!'' but the Chinese government said the worm probably did not come from China."
from yahoo.com 

KEY POINTS
Worm viruses propagate quickly (meaning they spread fast from computer to computer) because one of the features of the virus is that it makes the receiver become a sender. People who receive a worm virus (and do not know it) can have their computer "hijacked" into sending the virus to everybody in their address book. Many of these worm viruses love people who use Microsoft Outlook because they are configured to "hijack" all the addresses stored in the Microsoft Outlook address book.

"A new computer worm that disguises itself as an e-mail from Microsoft Corp. is spreading, computer security firms warned on Monday. The e-mail containing the worm, dubbed Palyh or Mankx, appears to come from support@microsoft.com, but is not from the software company. When the attachment is opened, the worm copies itself to the Windows folder, scoops up e-mail addresses from the hard disk and starts sending itself out, said U.K-based Sophos. The malicious program can spread itself to other Windows machines on a local area network, anti-virus vendors said. It began spreading on Saturday [May 17th, 2003] and has apparently infected computers in 69 countries, according to MessageLabs."

KEY POINTS
One of the reasons that people do open these viruses is because they are tricked into thinking it is legitimate email and upon opening the email to have a look - that action launches the virus into your computer. This is the case with the Palyh (aka Mankx) worm of May 2003.

A Microsoft spokesman said the company never sends out unsolicited mass e-mails with attachments. So if you get an email that says it is from support@microsoft.com, chances are it is a fake and the sender is just trying to get you to read something, or open something, which may cause harm to your computer.


Worm Viruses spreading faster

KEY POINTS
Worm viruses have been around for quite some time, but for the current generation of Internet users the most familiar one (if they knew any) was the CODE RED Worm Virus.

Worm viruses can now propagate much faster, and the risk is that the speed at which they spread exceeds the ability of the critical users to be alerted. We are therefore at greater risk, since our response time is almost zero.


"SQL Slammer Worm Spread Worldwide in 10 Minutes"
A Reuters story carried by Yahoo 2003 Feb 4th

"It only took 10 minutes for the SQL Slammer worm to race across the globe and wreak havoc on the Internet two weeks ago, [Jan 2003] making it the fastest-spreading computer infection ever seen, researchers said on Tuesday [Feb 4th, 2003]."

"The worm, which nearly cut off Web access in South Korea and shut down some U.S. bank teller machines, doubled the number of computers it infected every 8.5 seconds in the first minute of its appearance, said a computer security research group led by the Cooperative Association for Internet Data Analysis. By comparison, the Code Red worm -- which came 18 months earlier -- only doubled every 37 minutes."

Permission to quote from Yahoo!, use the Yahoo! logo, and use screen captures, was given in an email by Debbie Macleod, Yahoo! Marketing Manager Jan 21st, 2005. Copy of the email is kept in the permissions binder


KEY POINTS
The screen capture leads to a site explaining the Sapphire Worm. It is also a good example of close co-operation between large IT companies, industry associations, universities and government agencies, which all have a vested interest in dealing with such risk and threat situations.

If you go to this URL, you can see an animated map of the world showing how fast the virus spread:
http://www.caida.org/analysis/security/sapphire/

Java Viruses

Feb 2007

In early Feb 2007, Stefan S., one of my graduate students in the FSM program at Seneca, emailed to offer comments and suggestions about Java Viruses

Stefan said
"I think Java viruses are the next big wave. By Java viruses I mean viruses that use I.E loop-holes to upload themselves to your computer, undetected by you, the user. "

[WTGR adds: this suggests that surfing with Netscape or Firefox would obviously seem to be the thing to do]
Stefan explained
"You go to a website, and automatically as the website loads, the software downloads to your computer (no windows pop up, no notifications); this is all possible through active-x. These viruses, 75% of the time store themselves in your Program Files / Documents and Settings / “User” / Application Data / Sun / Java folder as java extensions. These viruses are mainly data miners and generate annoying pop-ups after they initiate. Some of them can be removed by uninstalling and manually deleting the Java folder others affect the windows kernel and require hard drive format for proper removal. The point is that since they uninstall themselves quietly and some do not indicate their presence physically, most users have an average of about 15 installed on their computer. Programs such as Ad-Aware detect some of them but sometimes can not remove several extensions (those require registry editing)."

Stefan then targets a sensitive point about anti-virus solution products, saying
"This is a growing business for Anti-Virus companies who claim they can stop these viruses. The fact is, so can consumers without these programs."

Stefan advises
"For example, using Norton Virus solutions will heavily slow down the computer and make every task annoying, since you will get “do you want to run this script” messages every second and security pop-ups 20 times a day. For your everyday user who checks their bank statement and e-mail, these viruses will never be a threat, however that is not what the everyday user does anymore.

Most people download movies/music and watch pornography on the internet. The sites that provide these services have a lot of these viruses since it is a way to make money (your neighbor comes to mind, easy to get e-mail addresses this way).

What Norton does  (and by doing so renders your system unusable due to lag) is disable certain active-x commands and prevents these viruses from installing, however this can be done manually in I.E (and without the lag) for example:

You go to I.E > Tools > Internet Options >Security> Turn all 4 –internet, local internet, trusted sites, restricted sites- to high security then go to >Privacy> and disable cookies and finally go to >Advanced> and uncheck Java which will not load the Java api next time you restart I.E. Now restart I.E.

By doing this, your I.E is safe, there is no computer lag, and no possibility of viruses and it is free. However these settings will not display some sites correctly and will disable a lot of eye candy. Their purpose is to be used with HIGH RISK websites and provide safe surfing by disabling all Java and Active-x extensions, therefore limiting I.E to basic browsing and no downloads (uncontrollable ones). When you want to surf the net normally, you can default all settings and enable cookies and java again so everything is allowed."

Stefan's email concluded with a bit of a rant

"My experience in this field spans to about 10 years and is mainly in computer hardware. I serviced main-frames and maintained systems for several small businesses. However the computer industry is in a very “disgusting” state at the moment and I am not interested in it any longer. It has commercialized to such a degree there are no values or morals anywhere to be seen."


Cashing in on Virus Infections
Chad M., MRK 410 March 2004, found a page talking about how people are making money from selling anti-virus solutions
www.wired.com/news/infostructure/0,1377,62558,00.html
Michelle Delio of wired.com says
"Over the past few months, many viruses such as 'My Doom', 'Net Sky' and the 'Bagel' virus have been infecting computers and polluting servers on a worldwide scope. Even though anti-virus programs are being purchased at record amounts, many experts are saying that these infectious programs are spreading at a rapid pace.

An annual fee is attached when purchasing antivirus solutions, this in return, offers the user to download current "signature file" updates that identify the most current infectious program (virus). It normally takes antivirus companies a few hours to develop "signature files" that can be updated by the user. This poses a problem because almost all viruses now can spread globally in a matter of minutes. So, are the antivirus companies really helping out?"


Legal action taken by some of the major online companies against spammers
Jamaal P. of MRK 410 March 2004 found an interesting story in The Globe & Mail about lawsuits against spammers so this lets us know that something is actually being done to stop these people.
The Globe and Mail article was from an article from CNET.news
Monday, Mar. 22, 2004
The article dealt with the joint legal action taken by some of the major online companies against spammers.

The following are some points from the article as summarized by Jamaal

  • "Lawsuits filed by some of the Web's biggest players against junk e-mailers have portrayed an industry united in the war against spam"
  • "America On-line, EarthLink, Microsoft and Yahoo scored a major publicity coup earlier this month, when they launched their first joint legal assault against spammers". 
  • "The suits claim that hundreds of unnamed defendants sent messages using false e-mail addresses — a violation of the newly enacted federal Can-Spam Act".


KEY POINTS
Netscape says one of the best protections is "to install an anti-virus program".
Do they work?
Yes, particularly if you update your program regularly.
Prof. Richardson uses Norton and leaves the "auto protect" ON all the time - this means incoming emails are screened even before you consider opening them.
In the 3rd week in April 2002, someone persistently tried to email Richardson a virus and it was caught every time - as you can see in the screen capture below.

This screen capture shows my virus checker at work catching someone trying to send the W32.Klez.gen@mm virus

WTGR


Examples of a virus hidden in an email

For a complete list of Email Hoaxes including ones that affect ICQ downloadable software click here
 

 

The Truth about Computer E-Mail Viruses
...and why they are not possible...
Jennifer Maggio in MRK 410 March 2004 found a page explaining that viruses can only be found in executable files
formerly at www.gerlitz.com/virushoax/
A common mistake email users make about viruses is thinking that they are in the email text. There is NO SUCH THING!! says Eric Gerlitz

"A virus can not exist in an e-mail text message. They also can NOT exist in USENET (newsgroup) postings or simply "float around" the internet. Viruses must be attached to and infect an executable program (.exe, .com). Viruses and other system-destroying bugs can ONLY exist in EXECUTABLE FILES, and since e-mail is not a system file in that sense, viruses can not exist there. While reading e-mail, you are not executing any malicious code to activate! Thus, no virus can exist. HOWEVER, if you (or your computer) download a FILE attached to an e-mail or USENET posting (i.e.-binary) and RUN it, there IS a chance that file could contain a virus, since a runnable file could contain a virus. It is also very important that you DO NOT, under any circumstances, allow your e-mail program to automatically execute an attached file. You risk infection by doing so!"

"Viruses are generally (almost always) OS (operating system)-specific. Meaning, viruses created for a DOS application can do no damage on a Macintosh, and vice-versa."

"There has been one exception to the OS-specific rule, which is called the Microsoft Word Macro Virus, which infects documents instead of the program. "
To find out more about this virus click here 


See also www.quickoverview.com/overviews/ecommerce-safety-howto.html
from Mark Madner
 
 

  Prof. W. Tim G. Richardson © www.witiger.com