I read this quote by Steven Wright in the Montreal Gazette: "If you saw a heat wave, would you wave back?"
And if you saw a worm in your hard drive, would you annihilate it? 
You probably can if you're a geek and are well-versed with the evil ways of hackers. But if you're not, you'd report it to your IT Manager straightaway - unless he and his team have already spotted the little wiggly creature and are busy sending notices to staff members to turn off their computers while they try to deal with this slimy nuisance.
You're familiar with viruses but you're not so sure about worms - how much harm they inflict and whether or not they can be totally banned from your hard drive once they're detected and removed. You've also heard of Trojans. If you're like me, you want to understand how the three differ.
I consulted the Symantec web site. A virus is a tiny computer program that changes how a computer operates. To qualify as a virus, two criteria must be met - first it must execute on its own and second, it must replicate itself.
Symantec identifies five types of viruses:
- file infection viruses
- boot sector viruses
- master boot record viruses
- multipartite viruses; and
- macro viruses
A worm is also a program that replicates itself without a host file. In layman terms, this means that worms are inside other files like Word or Excel documents, but they use host files differently. A worm will release a document that has the "worm" macro within the document; this document then travels from computer to computer and hence becomes the worm itself.
Symantec describes Trojan horses as impostors. They pretend or appear to be desirable files when in fact they contain malicious code that can wipe out or steal data from an infected computer.
Viruses, worms and Trojan horses constitute only a tiny aspect of a company's information security program. This is why when executives gather in the boardroom, one hot topic that makes it to the agenda is not so much their profit and loss statement or what charities they will support next year, but the status of their IT program and how best to enhance security controls. This takes on more significant proportions when financial institutions and intelligence agencies are involved and IT personnel have detected a security breach.
The damage caused by worms in terms of dollars and cents can run into billions. For example, the first worm that appeared in 1988 was the Morris Worm. It disabled 10% of computers connected to the Internet. Code Red Worm (July 2001) infected 2.3 million computers with a cost of $2.75 billion. The Sapphire/Slammer Worm in January 2003 infected 90% of hosts in just 10 minutes and generated damages of $1.5 billion. There were many others, all causing at least a million in damages, not to speak of the administrative nightmares they created.
Here's our first instalment of IT terms with a focus on security:
| FRENCH | ENGLISH |
| cryptage (ou chiffrement) | encryption |
| piratage logiciel | software piracy |
| base de données | database |
| signature numérique | digital signature |
| télécharger | to download |
| commerce électronique | e-commerce |
| mordu (ou pirate informatique) | hacker |
| reniflage de paquets | packet sniffing |
| pourriel (ou spam) | spam |
| ver informatique | worm |
| pare-feu | firewall |
| détection d'intrusion | intrusion detection |
| réseau privé virtuel (RPV) | virtual private network (VPN) |
Trivia (but not really trivia): Heard of the Halloween Documents? It has nothing to do with a treatise on award-winning costumes. In fact the concept is stripped of costumes and is linked to open source. The Halloween Documents were actually a collection of confidential Microsoft documents that revealed the initial sentiments of the software giant about the threats that Open Source represented. The documents supposedly contained the strategies of Microsoft to fight Linux and Open Source. Microsoft has since admitted the authenticity of these documents (source: David Bell et al: Cyberculture. ISBN: 0-415-24754-3, Routledge, England).
No comments:
Post a Comment