DAARAAKAARRAA AA AAA eas Security is one of the major concerns of any computer system. The information S¥stemg becoming increasingly important and unavoidable in all spheres globally. Almost all mg global activities are dependent on computer systems. Thus potential threats to the comput, systems are also increasing. The biggest asset and challenge of a computer system ig th, security and integrity of data and its processed information. Nowadays acts of malware attacks and cyber terrorism are becoming very common. One must ensure the integrity of data that: * comes into the system, + is stored in the system, * is processed into information and + is shared further. The following points ensure the data integrity of any system. + No one must be able to alter the data without proper permissions. + No external programs must be able to access the data unless allowed, * The vital information must be secured from programs or persons with malicious intent. + The personal information of any person must not be given out under any circumstances. Any software causing or having the potential to cause damage to data/info, the usual functioning of the system without the intent of the user is classi stare. ic ae sentially mead onan a Sada be i , Files can be s! iters * nc so Thanh aman Th easily spread because of the underlying network. east aterm used to de scribe software th, rmation or prevent ified as a perverse Malware or malicious software is ‘at is included to g, 5 ‘Trojan horses and the computer such as computer viruses, worm’ 4 sais aes eka bYware. Tt uses dines ways to harm the system. Wirus, Trojan horses an Smples of malicious somyreet ‘are, ay, sitThe devices that support Int : i ts of 'emet connectivity like mobil als major targets of malware attacks, mobiles, laptops and other gadgets are also Let us discuss a few common types of mal . ware. |, Virus: A computer virus is a softw. Info Hub > Some notable computer viruses are- Creeper (1971), Elk Cloner (1982), Jerusalem (1987) and Melissa (1999), ILOVEYOU (2000), Code Red (2001), Nimda (2001) and Blaster (2003). 3. Worm: It is a software that uses network to replicate itself. So they travel from one Info Hub The Morris worm on 2 November 1988 was one of the first computer worms distributed via the Internet, it, a pee Ee eee 2, Bomb: It is a software that is intentionally attached to a computer system. It starts itself from normal operations of ‘are Program that is destructive in nature and spreads information and may even chan rept It damages the files and data. It can delete attaches with healthy pro ge the file extensions to remove the associations. It ‘Vinises can’ attach thes een and replicates itself and can spread across a network, slesare copind. to's Ves to any type of file (host) and spread when these infected ‘omputers. People unknowingly spread a computer virus by sharing infected files or sending emails with viruses as attachments, and also through secondary memory devices like pen drives. They can also spread easily through download on the Intemet, Some examples of viruses are ‘melissa’ and ‘I Love You" its activity on the occurrence of a predefined event. These can’t move or infect other programs and damages only specific targets. Friday the 13° and Happy Birthday 30* are two such examples. node in a network to any other node within or outside the network. It has that code that} can copy itself. They replicate themselves by making their own copies again and again on the local drive and on any other machine via netw ork. They can spread worldwide Via the Internet. Code Red, Scalper and Nimda are some examples of worms. A worm is different from virus. It does not harm any file or data but its copies consum¢ the computer resources and make them slow. Virus is more dangerous than a computer| worm as it makes changes to the files and deletes them. a FT 4. Trojan: It is a destructive program that disguises itself as a useful program. The name ‘Trojan horse’ is from wooden horse of Troy in Greek mythology. The users install Trojan horses thinking that it is 2 useful program such as a game or a screensaver. The| Software may look normal but contains programs that corrupt the data or damage thefiles, A Trojan Banker steals online banking credit cara inrormauon. Another Tyo, Mailfinder can get email addresses from the computer address book. Backdoor and Nuker are other examples of Trojans. Unlike viruses and worms, Trojan horses do not replicate themselves and do not themselves into other files. They get activated only when it is executed by the use, Info Hub a Trojan horse: The Greek soldiers reached the city of Troy by hiding themselves inside a large wooden hong The people of Troy pulled the horse inside their city. They did not know that the Greek soldiers were hing inside the horse 5, Spywares: Spyware is program that spies on the computer system of the user. It gets installed on the computer with or without permission of the user. It collects informatio, about the user activities on the computer. It can record keystrokes. So it can record the password, and credit card numbers the user enters in the computer. It sends the collected information back to the creator, so that they can use the user’s information. Spyware is used to steal information. SpyAnytime and GATOR are some spywares. Windows 7 offers a built-in antispyware that detects and removes the spywares in the system, known as the Windows Defender (! ig. 3.1). To start Windows Defender click on \\ indows Defender from the Control Panel. You have to turn this service on before using it. Click on Scan to detect and remove spywares from the system. fp J. | Windows Defender 3 Iti ici sed by hackers. It sweeps (deletes) aj 6. Sweeper: It is a malicious program used ge data your computer system. Tt gets downloaded when you are connected with the Toe et,info Hub Ethical hackers or White hat hackers go rn Generally, they test the security of the noon Hacking is an unauthotised ‘int TU i 5 sion into a without the consent of the owne, into another computer system to perform tasks | “ 2 iy intrude into the other systems without ony harmful intent. sation and identify the flaws and loopholes of the system. ‘ombies are similar to 5 ; They install themsely een ae e spywares except that they do not steal information. Fee = = ic target i el 5 instructions to them. ‘get machines and wait for the hackers to give 1 Itis an adv ae We ice advertisement displaying software that downloads and installs itself suet : Keeps on displaying unwanted advertisement downloaded from the Internet, It generally is bundled with sharewares or freewares. The advertisements are generally displayed as pop-up messages and might be hosts for viruses occasionally. Hijack: It is a malware that changes the settings of the browser and displays advertisements as pop-up. These generally modify the Internct settings of the browser and changes the home page, search page and even the system pages like the error page. Types of Virus The virus can damage the computer system by damaging the programs or reformatting the disk. There are three main kinds of virus—boot sector virus, program file virus and bimodal or bipartite virus. | : Boot sector exists on a storage media like hard drive. A computer needs the boot sector to load the operating system. During booting process, the boot sector program is loaded. Boot sector virus infects the boot sector program and replaces it with its ing when the computer reads the disk, the boot virus loads into computer memory and infects the system. Form, Disk Killer, Brain, Stoned and Michelangelo are some boot viruses. Nowadays, the operating systems include safeguard from boot viruses. Boot virus is very rare now. Program or File virus infects the executable program files like .exe, .com and bin. When the program files are executed, the program file virus gets loaded in memory. When memory gets infected, any program that executes in memory also gets infected. Jerusalem, Sunday, Cleevix and Cascade are some program viruses A-few types of these viruses are described below: i Companion Virus: While executing the programs, the operating system maintains ahierarchy of the extensions of the programs. So the program name with the higher priority extension, for example .com is executed before the program name with the lower priority extension, for example .exe. This feature is exploited by the companion virus. The virus names itself after any existing program but with a corrupted version. During bootihigher priority extension. So whenever the user executes the Program, executed insicad of the original program. ; i, Macro Virus or Document Virus: A macro is a named single instructing, in tum contains a group of instructions that have to be executed sequey, ta he a batch, They are generally used in some applications like MS Word yr il certain steps. Macro viruses use this feature of macro and execute theme by disguising themselves as authorised macros for the application. Mj,."® Bablas are cxamples of this virus. wi iii, Polymorphic Virus: Poly means many and morph means form. This Virus has the ability to change its form each and every time it is repticatey becomes difficult to detect this type of virus. iv. Stealth Virus: It manipulates the virus detection software and authenticate, 3 as a normal program. Thus it has the ability to hide itself and avoid detection», removal. Whale and Zer Bug are examples of this virus. v. Cluster Virus: It changes the file system and directories of the disk so that although the virus is located in a single place running any program runs they, first. vi. Email Virus: It is transmitted along with email attachments like documents, programs. When the recipient runs the attachment, the virus gets installedinte system. vii, Multipartite or Hybrid Virus: It infects both the hard disk drives and the program files. These are difficult to identify and disinfect because of their ‘comple logic. Natas, Tequilla and Emperor are examples of this virus. + Bimodal or bipartite virus are types of virus that are capable of affecting the boot st as well as the program files Ms Soy f . Itcan replicate (copy) itself. it may spread by infected devices, via networks, emails or by internet downloads. It is auto executable. - Itmay be executed even before the operating system starts. - Itmay even damage the operating system. It may wipe off user data. |. It may alter data in a file. . It may change file extensions. . It may delay or prevent the booting process. ). It may corrupt the software. DE ee eae ee pie ~ It may attempt to avoid detection and removal S 2. It may even damage the hardware and make the mem — ts ‘ory unusable.lex stor gymptoms of a Computer Virus x avi The computer runs slower than usual and t The Thi Ne rus can affect a computer in di : fer A monly noticed When a computer rent ways, However, the following problems are infected with a virus, ‘akes longer time to load programs. e programs behave erraticall ally and the com oaae puter stops respondi computer crashes and restarts every few minut m sponges Tesi es. w files keep appearing e P apps 1g on the system. Files having strange names appear on the system. You are unable to access files or the contents of the files get deleted. You ‘Ne! Thi uw notice Unusual and strange error messages such as “Your PC is stoned’ sw icons appear on the desktop. Strange graphics are displayed on the monitor. ¢ free space of the computer decreases. The file sizes or the number of files increase. COMPUTER SECURITY Proper security measures must be undertaken for the prevention, identification and treatment {viruses in a computer system or any other device (like mobile phones) that have a possibility of virus attack. Some of the measures include - 1 Scan and clean secondary storage devices such as CD, pen drives and hard disk before use. Delete unwanted files in the system. Check all email attachments and Internet downloads before installation and execution. Backup important data on to external disk drives, or online cloud services like OneDrive or Dropbox, so that it may be recovered if data is deleted by the virus. Do not install pirated software in the system. Ina large network, proper authentication must be done before the user is allowed to use the computer system. Granting aceess by a password, biometric authentication (like fingerprint , retina, face or voice recognition) makes the system less vulnerable. Install antivirus software. Update regularly so that it may have the database updated for new viruses. Antivirus apps must be installed in mobile p! installed must be scanned before use. Install Internet security software like firewalls. hones and tablets, and any new app that is ss ome eselected in mobile phones to prevent installation of | unknown apps, £oi ANTIVIRUS SOFTWARE Antivirws software is a utility software that has the counter logic for scanning, detection identification and treatment of viruses. In case the software is not able to remove a Vitus, it, neutralised. The antivirus keeps a watch on the functioning of the computer system. If g Vin is found it may alert the user, mark the infected program ar kill the virus. Every computer o, the computer network must have antivirus software that is updated on a regular basis so thay newly discovered virus information and removal code can be made available to the antivings Antivirus software can be used to protect the computer from various types of malware Antivirus software can detect viruses, worms and so on, and warn you of their presence in you, computer. It can also deactivate and clean the computer of different types of malicious software Antivirus software may disinfect the system in one or more of the following ways: + Delete: Remove the effected file by deleting it. + Fix: Remove that part of the code from the infected file which has the virus definition and thus repair the file. * Quarantine: Move the virus to a vault to ensure that the virus cannot execute and further affect the system. There are various types of antivirus software such as AVG, Avira, Norton, Kaspersky, Quick Heal and McAfee Firewall: A firewall is used to prevent unauthorised access to the network. A firewall can be implemented as a software, hardware or a combination of both. All data or messages entering or leaving the network pass through the firewall. Firewall examines cach message and blocks those that do not meet the specified security criteria, Thus it can stop or prevent a lot of network intrusions and attacks. Windows 7 offers a built-in firewall. To start it (Fig. 3.2), click on Windows Firewall from ( the Control Panel. Turn on the firewall to activate online protection from intruders and hackers. 3mControl Pane Heme Allow & pregran o feature through Windows Frener ® Change nothcaion stings J] Tum Windows Frewatt on or fl aw |] $@ Pestoredetoans |] Asvances stings ff Troebleshoot my network Active public natwors: Notification state | 3 |] seeave |] seion cane || sevok oe sig cet Mineo seen comers | | | WE onecrwork (private) net. Not Connected) E 2 Pubticnetwarks Netert in pute pices such as spot coffee shops Connected ) On Block ol connections te program ‘that erent onthe kt of sowed (ae Boot sector virus: It infects the boot sector program and replaces it with its corrupted version. | ® Program virus: It infects the executable program files like .exe, .com and .bin, * Malware: It is short for malicious software. It is used for software that is harmful for the computer and disturbs its normal operations, + Virus: a program which adds itself to an executable file and copies itself to other executable files each time an infected file is mun * Worm: a program which replicates itself ‘over a computer network and usually Performs malicious actions Fig, 3.2. Windows Firewall © Trojan: a program inserted into a system by a hacker that will perform a harmless function while copying information held in a classified file into a file with a low priority, which the hacker can then access without the authorised user’s knowledge - Antivirus: a software program that looks for virus software on a computer and destroys it before it can damage data or files « Firewall: a hardware or software security system between a server and the intranet or the Internet that allows information to pass out to the Internet but checks any incoming data before passing it on to the private server(A computer virus spreads itself from one computer to another and interferes with the normal operations of a computer. ~ There are two main kinds of virus—boot sector virus and program file virus. ¥ Boot sector virus infects the boot sector program and replaces it with its corrupted version, Program virus infects the executable program fi les like, exe, .com and .bin. ~ Forms of virus attack (malware, worm, spyware, trojan horse, sweeper) ¥ Antivirus software can detect viruses, worms and so on, and warn you of their presence in your ‘computer. a é Sr ASSESSMENT ZONE ra A. Choose the correct answer, |. Which virus infects program files like having an .exe extension? (a) Program Virus (b) Trojan Horse (©) Spyware (d) Malware 2. poses as useful programs, (a) Malware (b) Trojan (© Virus (d) Sweeper 3. malicious program used by hackers. (a) Sweeper (b) Spyware 4. is program that spies on the user. (a) Trojan (d) Worm _ (d) Virus 5 (a) Boot sector B, State whether the following statements are 1. A bomb can travel from one node of network outside the network. 2. Antivirus software is a utili7. Define the term * tivirus®. 4, What do you understand by firewall? 9, Wh progran viruses? Explain different types of program virus p. solve the crossword using the cles Crossword Zone ACROSS 2. device used for connecting 5. pre-agreed signals 6. replicates itself DOWN 1. one who breaks into a computer syst 3, various elements in a network 4. Digital to Analog