Preferred Consumer | Privacy | Computer Safety | Viruses

Computer Viruses

History of Viruses

The term "computer virus'' was formally defined by Fred Cohen in 1983, while he performed academic experiments on a Digital Equipment Corporation VAX system. Viruses are classified as being one of two types: research or "in the wild.'' A research virus is one that has been written for research or study purposes and has received almost no distribution to the public. On the other hand, viruses which have been seen with any regularity are termed "in the wild.'' The first computer viruses were developed in the early 1980s.

Viruses have "evolved'' over the years due to efforts by their authors to make the code more difficult to detect, disassemble, and eradicate. This evolution has been especially apparent in the IBM PC viruses; since there are more distinct viruses known for the DOS operating system than any other.

Personal computer viruses exploit the lack of effective access controls in these systems. The viruses modify files and even the operating system itself. These are "legal'' actions within the context of the operating system. While more stringent controls are in place on multi-tasking, multi-user operating systems, configuration errors, and security holes (security bugs) make viruses on these systems more than theoretically possible.

Viruses are the colds and flus of computer security: ubiquitous, at times impossible to avoid despite the best efforts and often very costly to an organization's productivity.

The National Institute of Standards and Technology recommends using a two-tiered approach for detecting and preventing viruses from spreading:

  • On personal computers, install and use anti-virus software capable of scanning disks, attachments to email, files downloaded from the web, and documents generated by word processing and spreadsheet programs.
  • Use anti-virus software at Internet gateways or firewalls to scan email attachments and other downloaded files.

Anti-virus software should be installed when the personal computer is initially configured. The software should be updated weekly with new virus definitions, and your vendor may provide an automated update feature. Organizations may benefit from using several brands of anti-virus software.

For More Information:

For an updated website of virus information, check out the Symantec virus database. The WildList site provides a list of viruses that are currently loose "in the wild," or active and infecting systems at the current moment.

SOURCE: Computer Virus FAQ's from US-CERT.