OFFICE AUTOMATION – I COMPUTERS AND APPLICATIONS 18. DATA SAFETY, VIRUSES AND ANTI-VIRUS PROGRAM Home computers are typically not very secure and are very easy to break into. When combined with high-speed Internet connections that are always turned on, intruders can quickly find a weak link and then attack home computers. Once the intruders get in, they collect personal information like credit card details, passwords etc. Data safety is the means of ensuring that data is kept safe from corruption and that access to it is suitably controlled. Thus data security helps to ensure privacy and also ensures in protecting personal data. The increasing usage of computer networks, internet and data sharing has made security of both the computer and the data vulnerable. This lesson gives an introduction to Data Security in Computers and the issues that we face today.
18.0 Objectives On completion of this lesson, you will be able to know the following: • •
Understand what are Computers and Data Security. Appreciate the problems related to data security and the measures to be taken to rectify these problems.
18.1 Introduction Computer resources, such as local area networks (LANs), minicomputers, workstations and personal computers represent significant financial investments. There are many ways these resources could be damaged. For example, LANs usually house all the data available to users, as well as information about which users can access what data and how they can use it. Controls should be in place to prevent any unauthorized access to the LANs. Other potential hazards include the possibility of data destruction from virus infection, human error, computer breakdown, environmental hazards, and theft. In each case, either the data can be destroyed, manipulated or stolen. Backups and Data Security procedures prevent these hazards. 1
Viruses Virus is a computer program that is designed to replicate itself by copying itself into other programs stored in a computer. It may have a negative effect, such as causing a program to operate incorrectly or corrupting a computer's memory. Worms A computer worm is a self-replicating computer program, similar to a computer virus. A virus attaches itself to, and becomes part of, another executable program. However, a worm is self-contained and does not need to be part of another program to propagate itself. They are often designed to exploit the file transmission capabilities found on many computers. The main difference between a computer virus and a worm is that a virus cannot propagate by itself whereas a worm can propagate by itself. Spyware It is computer software that collects personal information about users without their consent. The information collected is sent to the spyware site while we browsing on the net. This program is often installed in your computer in combination with a program downloaded and installed from the Web. Trojans Certain viruses, called Trojans (named after the fabled Trojan horse), can falsely appear as a beneficial program to coax users into downloading them. Adware It is software that periodically pops up advertisements on a user's computer. It displays ads targeted to the individual user based on key words entered in search engines and the types of Web sites visited by the user.
18.2 Backup Procedures Backup procedures refer to: scheduling times to backup the information, performing the actual backup, and storing copies of files on alternate storage media (tape, disk, CD-ROM, optical disk). Backing up of files safeguard data from hardware failure, environmental hazards, or unintentional deletion. 18.2.1 When should backups be performed? Usually, this is a judgment decision based on your assessment of how critical the data is to your operations. Also, the timing of backups depends greatly on the frequency of changes to the data compared to the resources required to perform the backup. Generally, frequent backups are necessary if data on your system changes significantly each day. 18.2.2 Where should the backups be stored?
2
It is a good idea to store at least one copy of the backup in some other system not connected to the current one. This will safeguard a copy of your backups in the event the working system backups are destroyed. Both the system backups should be protected from unauthorized access.
18.3 Data Security and Safety Precautions taken to prevent the loss or misuse of data, whether accidental or deliberate are called Data Security. These include measures that ensure only authorized personnel can gain entry to a computer system or file, and have authorizations for performing regular procedures of storing and 'backing up' data, which enable files to be retrieved or recreated in the event of loss, theft, or damage. • • •
• •
•
•
•
A number of verification and validation techniques may also be used to prevent data from being lost or corrupted. Encryption involves the translation of data into a form that is meaningless to unauthorized users who do not have the necessary decoding software. Passwords can be chosen by, or issued to, individual users. These secret words (or combinations of alphanumeric characters) may have to be entered each time a user logs on to a computer system or attempts to access a particular protected file within the system. Physical access to the computer facilities can be restricted by locking entry doors and storage cabinets. Master files (files that are updated periodically) can be protected by storing successive versions or generations of these files, and the transaction files used to update them. The most recent version of the master file may then be recreated, if necessary, from a previous generation. It is a common practice to store the three most recent versions of a master file (often called the grandfather, father, and son generations). Direct-access files are protected by making regular dumps, or back-up copies. As the Individual records in direct-access files are constantly being accessed and updated, specific versions of these files cannot be said to exist. The files are therefore dumped at fixed time intervals onto a secure form of backing store. A record, or log, is also kept of all the changes made to a file between security dumps. Fireproof safes are used to store file generations or sets of security dumps, so that the system can be restarted on a new computer in the event of a fire in the computer department. Write-protect mechanisms on discs or tapes allow data to be read but not deleted, altered or overwritten. For example, the protective case of a 31/2inch floppy disc has a write-protect tab that can be slid back with the tip of a pencil or pen to prevent changes to the contents of the disc.
3
18.4 Malicious Software: Worms, Viruses and Spyware 18.4.1 Computer Virus Symptoms Computer virus is a program which causes harm to the computer by damaging programs, deleting files, or reformatting the hard disk. It has a tendency of copying itself without the knowledge or permission of the user. It can be spread only when an infected file is copied from one computer to another computer. On a network, a virus spreads by itself very fastly because a single infected file when accessed can infect other file(s) and can also cause harm to other computers. The impact of these viruses is that they show abnormal behaviour to the user while working and which can result in a system crash. Many virus leave bugs in the system which causes it to crash.
• • • • • •
Types of Computer Virus Macro Viruses Network Viruses Logic bomb Cross-site scripting Virus Sentinels Archaic Forms o Companion Virus o Boot sector Viruses o Multipartite Viruses
18.4.2 Computer Worms A Computer worm is a program which replicates itself using a network to send copies to other nodes. Even if user does not do any thing like in the case of virus, the worm can spread to the other systems. It doses not need to attach itself to a file or a program to spread. It always harms a network and not the files whereas a virus infects files or programs. Types of Computer Worms • • • • •
E-mail Worms Instant Messaging Worms (by sending links) IRC Worms (Chatting) File-sharing networks worms Internet worms
18.4.3 Trojan Horses Trojan Horse is a program that contains or installs a malicious program (sometimes called the payload or 'trojan').
4
They are designed for the following unpleasent intention: • Erase or overwrite. • Encrypt or Corrupt. • Upload or download the files. • Allow access to unauthorized user(s). • Spread other virus programs. • Tracking keystrokes of the user to capture Credit Card number or Passwords. 18.4.4 Rootkits Rootkits modify the operating system to hide them, and then use worm-like methods to propagate to other computers. 18.4.5 Spyware A Spyware sends information about the computer, your personal information or your Internet browsing activities to a third party. 18.4.6 Adware Adware displays unwanted advertisements. In general malicious software may: 1. Attempt to reproduce automatically and secretly. 2. Try to conceal itself from routine forms of detection (for example, using random file names) and elimination (for example, turning off your antivirus software). 3. Spreads itself to other computers via the network such as by e-mail, unsecured file shares, password guessing or exploiting security problems on other computers. 4. Modify the operating system or other legitimate software. 5. Make copies of itself to floppy disks, USB storage devices, CD-RW discs, or other writable media. 6. Send personal information gleaned from your computer back to the maker of the malicious software or his/her criminal associates, for purposes of identity theft or to collect market data. 7. Display unwanted advertising banners on web sites or in pop-up windows. 8. Allow malicious individuals to monitor your computer remotely over the network. 9. Delete damage or modify your documents and data files. In practice, you will often find a specific name like virus applied to a broad range of malicious software. The important thing to remember is that malicious software may combine any of the traits specified above. Malicious software is a serious threat to the secure operation of personal computers, particularly PC computers that use the Windows operating system.
5
18.5 Anti Virus Software Anti Virus software is a combination of files generally written in order to cure the computer for the infection of the virus. As virus may affect the files, folders or the hard disk of the computer this software tries to do the following on the infected file/folders: 1. Attempts to repair the file by removing the virus 2. Makes the file inaccessible so the virus can no longer spread 3. Removes the infected file. These softwares are designed keeping in mind the automatic updates from the internet in order to find and remove the new virus also. These softwares generally have the capability to send the infected files to the authors of the software to discover and create the cure for the virus which has infected the file which this software is unable to cure in the current situation. These softwares usually work on Virus Dictionary approach to cater to most of the viruses and this need a periodical automatic update of the virus dictionary. This type of anti virus softwares generally examines the file when they are created, opened or e-mailed. If any known virus is found during any of this operation then automatically that known virus is being cured and user is intimated about the status of the activity done by the anti virus software.
Self-Check Questions Fill in the following blanks 1. _____________________ is one of the names given to malicious software. 2. Malicious software may attempt to reproduce itself ____________________ and secretly.
18.6 Summing up In this lesson you have familiarized yourself with the following concepts of Data Security in Computers: • • • • •
Backup Procedures Data Security Malicious Software Physical Security Anti Virus Software
6
T P a o T s d
18.7 Answers to Self-Check Questions 1. Viruses 2. Automatically
18.8 Terminal Questions 1. 2. 3. 4. 5.
What is the benefit of Data Security? Give two reasons for Data Security? What is malicious software? Give three names of malicious software? What is the purpose of Physical Security? Where should the backups be stored? What is an anti virus software and what does this do?
18.8 Glossary Viruses - A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Worms - Worms are very similar to viruses in that they are computer programs that replicate themselves and that often, but not always, contain some functionality that will interfere with the normal use of a computer or a program. Spy ware - The software that covertly gathers user information through the user's Internet connection without his or her knowledge. It is often used for advertising purposes. Trojans - Certain viruses, called Trojans (named after the fabled Trojan horse), can falsely appear as a beneficial program to coax users into downloading them. Adware - Displays unwanted advertisements.
7