It’s interesting to look back on the history of computer viruses and see just how far things have progressed in the computer security field. Take this excerpt for example.
People didn’t believe that computer viruses even existed back then – they were like a mythical unicorn.
Computer viruses are real. But to paraphrase Mark Twain, reports of their existence may be greatly exaggerated.
Stories about them have circulated since at least the 1970s. Back then they were known as worms, programs that insinuated themselves into the operating system of a mainframe or minicomputer, hiding in memory and waiting until a predetermined time to strike.
They often struck in the form of a “gotcha”–a humorous and relatively harmless message that suddenly appears on the screen in the middle of a program and forces the user to press a key to regain control of the system. Worms were sometimes thought to have been inserted by disgruntled data-processing employees, or by custom-software designers as a way of ensuring that they would be paid or later called in to fix the bug.
Now the stories have reappeared. This time the worms are called viruses and they infest software, networks, online information services, and microcomputers. Some viruses replicate, according to the stories, by copying themselves into DOS’s COMMAND.COM or .SYS files. Then, after a certain number of replications, the virus can delete all the files on the disk or scramble the file-allocation tables.
Viruses have reportedly infected networks at both IBM and the Internal Revenue Service, although both organizations deny it. No major companies have stepped forward to admit their networks have been infected.
Actual viruses have been found, however, on college campuses both in the United States and in the Middle East. “It’s a major problem,” says David Lutz, software specialist at the University of Toledo, which has been infected by a virus called Brain, allegedly developed in Pakistan by a hacker playing a practical joke on a friend.
Brain, according to Professor of Marketing Alan Flaschner, who first discovered the infection, spreads when a PC that has been started up by an infected disk reads the directory of an uninfected disk. At that time, the virus copies itself into the COMMAND.COM file of the healthy disk. When a disk becomes infected, the Brain virus goes into attack mode and destroys tracks on the disk.
Flaschner uses microcomputer models to teach his students marketing strategy. The PC is supposed to be only a weapon in the marketer’s arsenal, he says, but because of the virus, “I’m spending more time teaching students about micros and the pitfalls of using them, which is taking time away from my basic course.”
The university has several computer centers where the infection has been reappearing since February, according to Lutz. He says that write-protect tabs are put on the computer center’s disks, the disks are regularly swept, and any infected disks are eradicated. But since students frequently come in with their own data disks, within two weeks about half the university’s computers are reinfected. Lutz says his only protection against the virus right now is to educate students in ways to recognize it on their own disks.
The University of Pittsburgh has had a similar problem with a virus, according to Shawn Hernan, a faculty computer consultant at the university. The university is trying to eliminate this virus, which erases the boot tracks of a disk, from its software library, Hernan says, but the virus remains in the user community.
He agrees with Lutz that the best defense against the virus is educating the user community about the dangers of spreading the virus and what precautions they can take.
Thus far, viruses have mostly appeared at universities, and those corporations surveyed for this article say they are concerned but have not instituted new policies to protect against possible viruses.
“We haven’t done much,” says one computer analyst at Allied Van Lines, who asked that her name not be used. “I think viruses are more of a problem if you share software or get software from bulletin boards,” both of which are discouraged by the company, she adds.
Ray Deaton, director of MIS at Cox Cable Communications in Atlanta, is even more doubtful. “I’ve been in this business for 17 years and I’ve never seen a virus.” He adds that all of the company’s software is either purchased or custom-developed, and users do not bring in their own packages.
While virus reports are widely circulated among computer users–one person has reported more than 30 viruses and Trojan-horse programs–their sources are notoriously difficult to pin down. Such reports often come from “a friend of a friend.”
Such third-party reports are a new form of urban legend, according to Linda Degh, professor of folklore at Indiana University. Urban legends are often related as true stories, and they reflect current societal concerns. The difficulty in finding original sources for these rumors, as well as the use of the “virus” nomenclature in this era of AIDS, makes these rumors excellent candidates for urban legends, Degh says. The fact that some viruses do exist gives teeth to the legend, she adds.
Another nonbeliever in computer viruses is Bob Ostrander, president of Public Brand Software (Indianapolis). Public Brand Software is the second-largest distributor of public domain software, the most common way in which viruses are said to spread.
“It’s hoopla,” Ostrander says. “I have looked at possibly more software than anyone else in the country over the past few years,” he says, “and I have yet to see anything.” By his own count, Ostrander reviews about 2,000 programs each year, many downloaded from bulletin boards or sent to him by the authors.”
Obviously the need for virus protection software like Norton 360 and spyware removal and protection programs such as Spyhunter 4 and others is very high these days given the amount of personal information that goes buzzing through the internet every day. However things are looking up as people become more and more educated.