How to Protect and Actively Combat Lethal Computer Virus Attacks

/in ,

The COVID-19 pandemic is a critical concern, which seems to resemble the alarming growth of computer viruses. Though we must not forget that it is never correct to compare the risks of human lives to computer systems, crises such as the pandemic also bring about epidemics of computer viruses.

2020 saw a tremendous rise in catastrophic data breaches, with an estimated over 1.1 billion in 2020 alone. Yet, over 350,000 new malicious viruses, worms, Trojans, and other unwanted apps are being developed every day. Right now, there are over 970 million pieces of malware circulating across the internet, growing by over 100 million since 2013.

What can Computer Viruses do?

When a virus infects a host system, it propagates itself into infecting other applications and applying malicious codes wherever. Like biological viruses, computer viruses feed off systems they attack, replicating and spreading whenever connections or files are shared across devices.

Creators of viruses can use them for all kinds of nasty events, including scanning computer hard drive for banking information, logging keystrokes to steal passwords, encrypt data and demand a ransom or gain control over computer to launch DDoS attacks

Regardless, even as the prevalence of computer viruses continues to rise, many users do not understand the basics and how to prevent, recognize, or remove viruses.

Types of Computer viruses

We’ve already talked about some computer virus types, but it is equally vital to explain each of them.

  • Worm – a worm is a computer code that spreads without interacting with the user. Often it starts with email attachments and infects computers as soon as they are opened. Then the worm scans the infected computer for files such as temporary webpages and address books. The worm will use the addresses to send infected email messages and frequently spoof the ‘from’ address in later email messages to send infected messages to someone that the victim knows. Worms usually spread automatically through networks, email messages, and operating system vulnerabilities. They are not always destructive but can cause stability, computer, and network performance problems.
  • Trojan – Trojans are malicious software programs that hide within a legitimate program as a screen saver. Then it puts code into the operating system of the computer, enabling hacker access to that computer. Downloaded software, worms, and viruses often spread trojan horses. Trojan horses currently account for over 58% of the world’s computer malware.
  • Spyware – Spyware can install into a computer without the user’s knowledge. The program may change the computer’s configuration or collect advertising data and personal information. Spyware can track internet search habits and even redirect the web browser to a different website than what the user intended to visit.
  • Rogue security software – A rogue security software program that attempts to make you feel your computer is infected by a virus, prompting you to buy or download a product that removes the virus. Such products may contain words like security, protection, shield, anti-virus, and fixer, just like legitimate software. They might run after you download them or whenever your computer restarts. The software may prevent applications from opening, display error messages instantly, or show essential Windows files as infections. If the message keeps popping up even when we try to close the dialog box using ALT + F4 and the message tries to make us download or buy software, then this indicates malicious intent. Do note that sometimes an error message indicating virus infection may also be caused by software bugs or faulty hardware.

Notable Computer Virus Examples in History

The first time the idea of a computer virus was initiated, it answered the question – what is a computer virus? The lectures were carried out in a series by mathematician John von Neumann in the late 1940s. He went on to publish a paper in 1996 on the Theory of Self-Reproducing Automata. The article was a thought experiment on the possibility of creating a ‘mechanical organism’ as a computer code to damage machines, copy itself, and infect new hosts, just like a biological virus. Following the article, many practical experiments on that theory began to emerge giving rise to several notable computer viruses in history:

  • Creeper system. ‘Creeper system’ is the first computer virus created by Bob Thomas of BBN. It was an experimental self-replicating virus that could go on filling a hard drive with the message ‘I’M THE CREEPER, CATCH ME IF YOU CAN’ until a computer could no longer operate. It developed as a security test to see the possibility of a self-replicating program.
  • Rabbit virus. The Rabbit (or Wabbit) virus was designed in 1974 with malicious intent and could duplicate itself. When a computer is infected, it made multiple copies of itself, causing the system’s performance to drop and eventually crashed.
  • ANIMAL. In 1975, a computer programmer, John Walker, developed the first Trojan called ANIMAL. At the time, animal programs known for trying to guess which animal the user was thinking of using a game of 20 questions was popular. Walker created his own version of the animal programs, which was also in high demand but transmitting it meant making more magnetic tapes. Therefore, John Walker tried to make copying the program easier by creating PERVADE, which would install alongside ANIMAL. While users played the game, PERVADE would examine all computer directories available and then make a copy of ANIMAL to other directories where they were not present. In this case, John Walker did not create the Trojan with malicious intent. But the program PERVADE can carry out actions without the user’s approval fits the definition of a Trojan.
  • The Brain Boot Sector virus. Meanwhile, in 1985, the first computer virus released for MS-DOS was ‘Brain.’ This virus could overwrite the boot sector on the floppy disk and stop a computer from booting. The virus was written by two brothers from Pakistan for copy protection. Regardless, Robert Morris, a graduate student from Cornell University, created the first Computer virus spread extensively in the wild in 1988. At the time, he wanted to evaluate the size of the internet and so used security holes in Sendmail and other Unix applications, alongside weak passwords. However, because of a programming error, the virus spread too fast and began interfering with the normal operations of computers. In less than 15 hours, 15,000 computers were infected, which was the most of the internet.
  • Michelangelo. In 1991, the Michelangelo virus was discovered in Australia for the first time. The virus lay dormant until 6th March, when it overwrote the first one hundred sectors on the storage devices with zeros, stopping computers from booting. About 20,000 computers were reported infected.
  • CHI. A Taiwanese student created and released CHI in 1998. The virus infected over 60 million computers causing notable damage by overwriting essential system files.
  • Melissa. Melissa was released in 1999 and is regarded as the first widespread word macro virus. This virus was distributed using email and automatically went to the first 50 people in an Outlook address book. While sending out passwords for some erotic websites, which generally required membership, it did not harm the computer. However, it caused too much email traffic resulting in email server crashes.
  • The Loveletter virus.  The Iloveyou virus began in 2000 and would arrive via email and send itself to all contacts. The virus overwrote audio, image, and video files. The virus originated from the Philippines and infected over 50 million computers in just ten days. Its process of infecting computers was simple and straightforward. Because users had not learned to be cautious of unsolicited emails, it accomplished tremendous harm. The subject was ‘I Love You,’ and the email contained an attachment, ‘Love-letter-for-you-txt-vbs.’ The designer Onel de Guzman, created this worm to overwrite existing files and replace them with copies of itself, spreading the worm to all of the victim’s email contacts. To stop the virus from spreading further, many companies decided to turn off their email servers.
  • The Code Red Virus. The Code Red virus was a ‘file less’ worm existing only in memory and did not attempt to infect files on the system. The creator took advantage of a flaw in the Microsoft Internet Information Server and manipulated protocols that allow computers to communicate and spread globally in just hours. Eventually, compromised machines were used to launch a distributed denial-of-service attack on the Whitehouse.gov website.
  • Heartbleed.  Another major incident happened in 2014 where the virus, Heartbleed, put servers across the internet at risk. Unlike worms or viruses, Heartbleed took advantage of a vulnerability in OpenSSL, a general-purpose, open-source cryptographic library used by companies worldwide.

    Typically, OpenSSL sends heartbeats periodically to ensure that secure endpoints are still connected. Users send OpenSSL a specific amount of data and ask for the same amount back. Suppose users claim to have sent the maximum allowed but send less than the amount. In that case, the server will respond with the last kilobytes of data stored in RAM, including anything from passwords, to usernames and secure encryption keys.

Computer Virus Attacks have Become More Sophisticated and Dangerous

Since 2000, every year brings a new computer virus, and the trend keeps growing exponentially.  Beyond the ones we outlined, many other examples of viruses include Beast, SQL Slammer, Sobig, Sober, MyDoom, Netsky Mirai, WannaCry, and many more. The 21st century especially saw a nasty increase with the introduction of reliable and speedy broadband networks. Computers were no longer restricted to company networks and floppy disks.

Viruses and malware could now be spread quickly through popular sites, email, or even directly across the internet. However, newer variants of viruses such as ransomware do not have that pure ‘parasitic’ nature.

By 2013, a new form of ransomware started with the Cryptolocker virus. Many versions of this virus also emerged, such as WannaCry, Locky, and Petya.

The Cryptolocker virus infected over half a million computers in its original version. There also clones of the virus, such as Cryptowall and TorrentLocker, which targeted computers in Australia.

In the present age, living forms of viruses are again setting the stage. A good example is KBOT, coined by threat researchers at Kaspersky Labs. The KBOT virus can infect executable files slowing down computer systems, injecting codes into system processes, enabling hackers to gain remote control over the compromised system with no recovery chances.

The KBOT is a sophisticated computer virus that can infect all connected devices, adding dynamic polymorphic code to files. Then data is encrypted using a virtual file system using the RC6 algorithm, which hides the virus in plain sight. The virus can also download additional modules to harvest and transfer stolen information over a command-and-control server.

Signs of Malware and Computer Virus Infections

Reduced performance is one of the most common signs of a computer virus infection. In this case, the O.S may take longer to load with random programs running in the background. Users may also notice that their browser’s homepages appear changed with pop-up ads all over the place. In some instances, with frequent crashes, O.S may not boot at all, or the user may be unable to connect to the internet or other higher-level system control functions.

The first step, when one discovers possible virus or malware infiltration, scanning using endpoint security solutions such as anti-virus programs is essential. However, always remember that the most dangerous virus attacks are designed to operate covertly. These situations can only be detected using comprehensive internet security solutions will real-time scanning and monitoring of files, disk drives, and activities, alongside real-time updates on web threats that cybersecurity professionals provide.

Virus Infections Spread in Unprecedented Ways

  • Downloading infected files from websites, filesharing activities, email attachments, etc.
  • Clicking on links to malicious websites in messaging apps, social network posts, and email
  • Visiting compromised sites (drive-by downloads) where the virus can be hidden within HTML. So, when our browser loads the webpage, we can accidentally download the HTML.
  • Connecting device to infected network drives or external hard drives.
  • Application and operating systems vulnerabilities offer security backdoors, loopholes, and other exploits
  • Social engineering attacks such as phishing attacks, which trick users into offering sensitive information or access to work and personal systems through customized attacks, often masquerading as credible organizations reporting fake emergencies to force victims to act fast and without questioning the prompt
  • Connected peripherals such as Internet-of-Things (IoT) and smart devices can also become access points or be hijacked and controlled remotely by hackers.

5 Vital Ways to Protect Against Computer Virus

Combating viruses and other forms of malware attacks today is a game of cat and mouse. Every minute, perpetrators are rapidly gaining a new level of creativity, pushing the boundaries of connection, and devising new infection methods. At the same time, software analysts, intelligence experts, and antimalware software creators are also rapidly creating systems and solutions to combat infections.

Based on experience, we have put together a list of possible ways to combat computer virus infections.  This list is by no means exhaustive but will provide a great start.

1.      Firewalls

We must also install firewalls to help protect against exposure to viruses. These firewalls act like borders between our computer systems, enterprise data and I.T. infrastructure, and the external world. They can help stop diverse levels of malware and computer virus attacks.

2.      Anti-virus solutions

Investing in a robust anti-virus solution is also essential to protect your I.T. systems from known viruses. It is a critical first step to help protect us from even our behaviors such as failing to update software or clicking on harmful links. Once installed, anti-virus software will conduct scans of our systems for malicious programs. After finding those malicious programs, it will also present options for removal.  Anti-virus software, and firewalls, are excellent for personal computer systems. However, it is vital to invest in endpoint security offerings with robust features for different levels of vulnerability or enterprise-level protection.

3.      Regular updates

Be sure to regularly update computer software as soon as we receive updates from vendors release those updates. Also, pay attention to instructions alongside those updates and implement patches as suggested by the O.S. provider.  Updates can fix security flaws, including those flaws we were not previously aware of. Fixing those potential security holes will prevent offering opportunities that cybercriminals can take advantage of. It also averts the possibility that we will be held responsible for attacks. Updates and implementing patches are essential to stay on top of the game.

4.      Backup and Recovery

It is vital to have a plan for occasions when viruses get through the protective systems. One of the most critical recovery measures we all need is regular backups. We must backup not only our operating system but also religiously back up all vital data daily.

Having backups can be instrumental to identifying security gaps and can also help minimize downtime effectively.

5.      Safe Security practices

Many data breaches emanate from the human factor.  This is why combating all forms of virus attacks and protecting against hacking methods starts with user behavior and awareness. A simple click on a phishing attempt can result in millions of dollars lost. Negligence on the part of employees can also lead to enormous data breaches and, consequently, hefty fines and lost reputation. This is why it is imperative to understand the different forms of computer viruses, recognize attempts by attackers, and mitigate opportunities of attack. Our behavior and practices can be the best weapon against such attacks.

Concluding Thoughts

Studies also show that even the top-of-the-line anti-virus solutions have only a 25% success rate at detecting malware.

This does not mean that we should overlook the need for anti-virus solutions. It emphasizes the need for such solutions, alongside robust security policies and awareness training to actively fight malicious activities. Even as there is no way to protect against and prevent every single threat completely, an unprotected system is the same as opening the door to all kinds of threats.

Be sure to implement a comprehensive security and malware protection solution that includes a robust anti-virus solution to reduces the risks of computer virus attacks.