Helen of Troy on Your Hard Drive

Tech Tips
Someone recently had reason to ask me, what is the difference between a virus and malware? We all have heard of the classic computer virus, but most people do not know that the word "virus" actually only refers to one type of “bug” that can attack your computer. We have come to call all types of malicious software a virus, much like some people call all photocopiers Xerox machines. In addition to viruses, there are plenty of other baddies out there, ranging from the mild (adware) to the lethal (ransomware). Here is a rundown of the different types of malicious software you may encounter, along with some tips on how to avoid them and clean them up.

Viruses. The classic computer bug that has been around almost as long as there have been computers. Ancient China probably had some form of bad abacus bead virus that caused people to count two beads at once; they have been around that long (see Note 1). In this form of malicious software, a hacker, or even a bored teen, finds a hole in some software, writes code to use that hole, and then the code takes over the system in order to replicate itself on other computers. For example, a virus might find a security hole in Windows or Java and use that to install itself on a system and then do something like attach itself to outgoing email or just use a network connection to share itself to other computers. Viruses range from silly (weird greetings on your screen) to serious (deleting files). Prevention of viruses is pretty simple - make sure you have installed a reliable anti-virus program and keep it, and all software on your computer, up to date. Since viruses need holes, keeping software patched will keep out the known viruses. Fortunately, updating your computer is easier than ever with automatic updates for Windows and anti-virus software. There are also two tools we use in the library IT department to keep our software up to date: Secunia (now Flexera) Personal Software Inspector and Ninite. Both are free and fairly simple to use by following the directions on their websites. They scan or update your PC’s software for you so you do not need to go to different websites or wait for something to pop up and say you need an update. Virus removal may involve multiple steps, but in most cases, the anti-virus software itself will quarantine the files and prevent them from doing any harm.

Malware. This type of infection is basically unwanted software that has gotten onto your system to either perform a simple function for a hacker or basically just to annoy you. Many times, these programs come bundled with software you may download from a freeware or shareware site, so it is a good idea to do some research on any “free” software you see offered as it may have the hidden cost of coming bundled with malware. In some cases, a hacker wants nothing more than to use your computer to help spread a virus or send spam - this is called a Bot. The problem with Bots is they can slow down your system but can also be used for far worse things if the hacker gets bored and is just mean when done using your computer. Other types of malware include adware, or a small program that is inserted on your computer to do nothing more than display ads whether you are online or not. Again, they are pretty harmless in terms of what they do to the computer but still serve as a gateway for more serious threats and should be eliminated when found. As with viruses, most malware can be prevented with a good anti-virus program. If infection has occurred, one of the best solutions for detecting and removing malware is MalwareBytes, which has a free version or a for-fee version that can be used as an anti-virus program. Other options include Spybot or the Malicious Software Removal Tool available from Microsoft.

Worms and Spyware. Technically, these are both types of malware and can be delivered the same way (software downloads or just a bad email link), but they have more severe consequences if found on your computer. A worm is a combination of malware and virus that is used to move, like a worm, over a network and take the virus with it. Its job is to transmit pieces of a program that can then be pieced together to take down a network or drop a single program on different computers just to cause damage. Spyware is a program designed to look for and capture items that may be of interest to a hacker. This could include passwords, account numbers, or even just basic information about a user that can be used to commit identity theft – for example, maybe you do not bank online but do keep a family tree with your mother’s maiden name. Again, these pose little harm to the computer or files, but have a big downside in terms of stealing personal information or opening up ways for additional malicious software. Like the other two categories, any good anti-virus or the previously mentioned tools would work in preventing or removing an infestation.

Trojan Horses and Rootkits. I promised you Helen of Troy in here somewhere and here she is – the Trojan horse. Unlike malware, these have harm in mind. The Trojan horse is what one would expect - you click on something you want (or think you want) and whammo, a Trojan horse opens and little bad computer code spills out and ruins a good morning. A rootkit is similar in its stealthy way of maneuvering onto your computer. In both cases, the goal of the program is to slip onto your system undetected and then not use a lot of resources (so you do not say, hey, this seems slow today), and it either quietly assembles a virus, acts like spyware, or uses the computer as a bot. In most cases, these types of programs will get onto your computer through an infected file, such as a picture sent to you via email; an infected flash drive; a link in a phishing email or on a website (one made to look like a real website or email so you click on it); or just by being on a network with another infected PC. By now you should know what I am going to say about prevention and removal – anti-virus software and any of the tools outlined above. But add in some common sense. If you get an email saying your American Express card has been stolen, do not click the link; call the 800 number on the real website and ask a real person if your account is in danger.

Ransomware. Like the others, it is exactly what you think it is based on the name. You download the bad software and within a few hours or days get a pop-up that says if you ever want to see the (pictures of) your precious children again, fork over some cash or bitcoin or the account numbers for some Visa gift cards. In most cases, yup, anti-virus software will catch this. However, once you do get this type of malicious software, there is nothing you can do to get rid of it. For one thing, never pay the piper, so to speak, and make that call to turn some money over for an unlock code to get your files back. Accept that they are either gone forever or be happy that you always back things up. Once you move past that, use the restore option on your computer to get it back to the fresh-from-the-factory setting and begin again. The good thing is you can avoid ransomware the same way you avoid Trojan horses and rootkits: Do not click on suspicious links in emails or while surfing the internet. It may be hard, but you must resist the urge to click on the latest Kardashian headline from some website you have never heard of (besides, doesn’t TMZ cover all that good celebrity gossip anyway?).

Finally, a few things to keep in mind. First, anti-virus software will not catch the newest manifestations of many of these types of infections. In studies of software, the best anti-virus software catches about 85% of the baddies out there. The other 15% have to be avoided by using common sense. One item of common sense is to do back-ups. Aside from the potential to get a virus or ransomware, you might have a simple hard drive failure to deal with and will appreciate having that back-up around to restore your photos, music and tax returns. The best bet is an external hard drive. But here are two more tips – do not leave the hard drive constantly plugged into the PC and consider putting it in a fireproof safe if you have one in the house. Keeping it plugged in does no good if you suffer a bad power surge, a malicious software attack that does over-write files (since it will also over-write the attached external drive) or worse yet, a fire. If kept in a safe, the drive should be, well, safe.

Notes

Note 1: According to Wikipedia [http://bit.ly/22xDnAv], the first known theory on creating viruses was published in 1949 and the first live virus was created in 1971.

-Laura N.

Comments

  1. very interesting. I just the antivirus software would stop all the baddies from entering the system.
