Malicious programs, often referred to as "Malware" includes computer Viruses, Worms, Trojans, Spyware, and other programs written specifically to spy on network traffic, record private communications, execute unauthorized commands, steal and distribute private and confidential information, disable computers, erase files, etc., etc.
Some programs, such as Kaza, Napster, and others, although not intended to compromise computers, expose computers they are installed on to attacks from hackers. This section addresses the various types of malicious programs.
The threat of virus infections has increased dramatically in the past three to four years. Before the advent of e-mail attached viruses, virus were spread through exchange of infected media and this limited the potential damage that a virus could result in. When e-mail borne viruses appeared on the scene, the threat increased considerably. The sophistication of virus code has also contributed to the problem, as has the popularity of the Internet. Now viruses spread much faster and can potentially cause more damage than in the past.
In the past, a virus infection could result in loss on data on the infected computer and the inconvenience created by corrupted software on the infected machines. New forms of virus code have added the threat of loss of confidential information and individual privacy.
Computer users are well advised to protect their computers from the threat of virus infections. Many organizations now require that their users use virus detection programs. The University, through its program that makes virus software available at no cost to the University community has made virus protection a de facto requirement for all users connected to University networks, whether on campus or off campus. Users who fail to protect their computers may be prevented from accessing University networks and services available through those networks.
The possibilities are almost limitless, but viruses can: erase data on your computer; encrypt files; delete directory structures; prohibit you from using your computer; send files stored on your computer to contacts in your address book without your knowledge; and much more.
The anti-virus program contains a database of virus signatures (strings of code that identify a virus program, much like a fingerprint). These signatures are utilized by the anti-virus software to identify files that may contain a virus. When the anti-virus program searches for viruses, it lets you know when it finds a match. The anti-virus program can look for viruses in files that you open, copy, save, or modify. It can also block harmful files that you unknowingly download from the Internet and can scan your email attachments before they are downloaded on your computer.
A worm is a self-replicating virus that does not alter files but resides in active memory and duplicates itself. Worms use parts of an operating system that are automatic and usually invisible to the user. It is common for worms to be noticed only when their uncontrolled replication consumes system resources, slowing or halting other tasks.
A Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. In one celebrated case, a Trojan horse was a program that was supposed to find and destroy computer viruses. A Trojan horse may be widely redistributed as part of a computer virus.
Spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties. Spyware can get in a computer as a software virus or as the result of installing a new program. Data collecting programs that are installed with the user's knowledge are not, properly speaking, spyware, if the user fully understands what data is being collected and with whom it is being shared.
For more ifnormation on computer viruses visit the Computer Security Administration Web Site.
All contents copyright © University of Toronto 2000-2003
This Site is maintained by the Computer Security Administration Group
Comments & Questions