STUDENT NAME 1

COMPUTER VIRUSES One of the most familiar forms of risk to computer security is the computer virus. A computer virus is a

program written by a hacker or cracker designed to perform some kind of trick upon an unsuspecting victim.

The trick performed in some cases is mild, such as drawing an offensive image on the screen, or changing all

of the characters in a document to another language. Sometimes the trick is much more severe, such as

reformatting the hard drive and erasing all the data, or damaging the motherboard so that it cannot operate

properly.

Types of Viruses Viruses can be categorized by their effect, which include nuisance, data-destructive, espionage, and hardware-

destructive. A nuisance virus usually does no real damage, but is rather just an inconvenience. The most

difficult part of a computer to replace is the data on the hard drive. The installed programs, the documents,

databases, and saved emails form the heart of a personal computer. A data-destructive virus is designed to

destroy this data. Some viruses are designed to create a backdoor into a system to bypass security. Called

espionage viruses, they do no damage, but rather allow a hacker or cracker to enter the system later for the

purpose of stealing data or spying on the work of the competitor. Very rarely, a virus is created that

attempts to damage the hardware of the computer system itself. Called hardware-destructive viruses, these

bits of programming can weaken or destroy chips, drives, and other components. (Pie Chart)

Methods of Virus Operation Viruses can create effects that range from minor and annoying to highly destructive, and are operated and

transmitted by a variety of methods. An email virus is normally transmitted as an attachment to a message

sent over the Internet. Email viruses require the victim to click on the attachment and cause it to execute.

Another common form of virus transmission is by a macro, a small subprogram that allows users to

customize and automate certain functions. A macro virus is written specifically for one program, which then

becomes infected when it opens a file with the virus stored in its macros. The boot sector of a floppy disk or

hard disk contains a variety of information, including how the disk is organized and whether it is capable of

loading an operating system. When a disk is left in a drive and the computer reboots, the operating system

automatically reads the boot sector to learn about that disk and to attempt to start any operating system on

that disk. A boot sector virus is designed to alter the boot sector of a disk, so that whenever the operating

system reads the boot sector, the computer will automatically become infected.

Other methods of virus infection include the Trojan horse virus, which hides inside another legitimate

program or data file, and the stealth virus, which is designed to hide itself from detection software.

Polymorphic viruses alter themselves to prevent antivirus software from detecting them by examining familiar

patterns. Polymorphic viruses alter themselves randomly as they move from computer to computer, making

detection more difficult. Multipartite viruses alter their form of attack. Their name derives from their ability

to attack in several different ways. They may first infect the boot sector and then later move on to become a

Trojan horse type by infecting a disk file. These viruses are more sophisticated, and therefore more difficult

to guard against. Another type of virus is the logic bomb, which generally sits quietly dormant waiting for a

specific event or set of conditions to occur. A famous logic bomb was the widely publicized Michelangelo

virus, which infected personal computers and caused them to display a message on the artist’s birthday.

STUDENT NAME 2

HARDWARE AND SOFTWARE SECURITY RISKS Although hackers, crackers, and viruses garner the most attention as security risks, a company faces a variety

of other dangers to its hardware and software systems. Principally, these risks involve types of system failure,

employee theft, and the cracking of software for copying. Click to display virus effects

Systems Failure A fundamental element in making sure that computer systems operate properly is protecting the electrical

power that runs them. Power interruptions such as blackouts and brownouts have very adverse effects on

computers. An inexpensive type of power strip called a surge protector can guard against power fluctuations

and can also serve as an extension cord and splitter. A much more vigorous power protection system is an

uninterruptible power supply (UPS), which provides a battery backup. Similar in nature to a power strip, but

much more bulky and a bit more expensive, a UPS provides not only steady spike-free power, but also keeps

computers running during a blackout.

Employee Theft Although accurate estimates are difficult to pinpoint, businesses certainly lose millions of dollars a year in

stolen computer hardware and software. Often, in large organizations, such theft goes unnoticed or

unreported. Someone takes a hard drive or a scanner home for legitimate use, then leaves the job sometime

later, and keeps the machine. Sometimes, employees take components to add to their home PC systems or a

thief breaks into a business and hauls away computers. Such thefts cost far more than the price of the stolen

computers because they also involve the cost of replacing the lost data, the cost of the time lost while the

machines are gone, and the cost of installing new machines and training people to use them.

Cracking Software for Copying A common goal of hackers is to crack a software protection scheme. A crack is a method of circumventing a

security scheme that prevents a user from copying a program. A common protection scheme for software is

to require that the installation CD be resident in the drive whenever the program runs. Making copies of the

CD with a burner, however, easily fools this protection scheme. Some game companies are taking the extra

step of making duplication difficult by scrambling some of the data on the original CDs, which CD burners

will automatically correct when copying. When the copied and corrected CD is used, the software checks for

the scrambled track information. If the error is not found, the software will not run.