The Ins and Outs of Computer Worms and Viruses
Jeffrey Lee Parson admitted last month that he unleashed a variant of the “Blaster” Internet worm in 2003. Although Parson, 19, of Hopkins, Minn., did not create the worm, which crippled more than 1 million computers last summer, he did have a role in the damage it caused.
Parson pleaded not guilty at the time of his arrest last year, but he recently told U.S. District Judge Marsha Pechman, “I downloaded the original Blaster worm, modified it and sent it back out on the Internet.”
The Blaster worm was more than an inconvenience for many business owners who saw their secure documents and information invaded and manipulated.
In general, an Internet worm is a relatively new category of computer virus — one that is designed by Internet hackers to seek out computers with vulnerabilities and release or distort secure information. What makes the discussion confusing is that IT professionals sometimes use the terms “worm” and “virus” interchangeably.
Worms, as opposed to run-of-the-mill computer viruses, do not require a catalyst, such as victims clicking on e-mail attachments. Any computer that has a connection to the Internet is vulnerable. The computer’s user does not even have to be present.
“It used to be that you could avoid viruses by staying away from strange-looking files that you got in your e-mail inbox,” says Steve Weber, information systems manager for Coastwide Laboratories, a Portland, Ore.-based distributor. “Nowadays, the Internet worms just travel along the Internet and seek out vulnerabilities in any computer that has an open connection.”
Unfortunately, IT directors like Weber have to worry about new kinds of nefarious Internet attacks on a regular basis. In a few months, a different problem will likely arise and Internet worms (along with worm protection) could be irrelevant. Right now, that protection is all too relevant.
A Different Destruction
When computer viruses first originated (around the time that the Internet first originated), they were designed with the intent to do damage to a person’s computer. Usually a user’s software — his or her operating system — was impaired in some way. Once infected, the computer might not shut off properly, or files might become corrupted. If the virus was truly vicious, a victim’s hard drive could be damaged. Depending on the extent of the damage, the computer might need to be replaced.
“In the old days, viruses could be much more destructive [than today’s worms],” says Timmy King, technology director for Pro-Link, a Canton, Mass.-based alliance of jan/san distributors. “Today, they search out information, which can also be very damaging, but in a different way.”
According to King, credit card numbers are the biggest prizes for today’s Internet hackers. Today’s hackers are kind enough to leave a victim’s hardware and software intact, but they’ll run up exorbitant bills with a victim’s credit. This is especially troubling for companies that have the credit card numbers of their customers stored in computers.
“If you’re a distributor, you don’t want to be the one to leave your customer’s credit card number unprotected,” says King. “So far, the worms that you read about in the newspapers have been targeting large companies like Amazon and eBay, but I wouldn’t be surprised if they started working their way down to smaller companies, like many jan/san distributors.”
Microsoft Gets Tough
Like Blaster, another recent worm, “Sasser,” infected thousands of computers in the spring, targeting Microsoft Windows XP and Windows 2000 operating systems. Most worms and viruses affect Microsoft systems and users.
“We are working with law enforcement to identify and prosecute whoever’s responsible,” says Stephen Toulouse, a spokesman for Microsoft Corp. The Redmond, Wash.-based software conglomerate is ardently pursuing hackers who release Microsoft-seeking worms onto the Internet.
The vast majority of distributors in the sanitary supply industry rely on Microsoft operating systems for their business needs, says Weber. “Microsoft has invested heavily in creating operating systems that are friendly to business operations, so that’s what companies use. Most of the PCs sold to businesses run on Microsoft software.”
As the number of worms and viruses that attack Microsoft operating systems continues to increase, information technology (IT) directors like Weber are seriously considering the alternatives. “I have thought about switching away from Microsoft because it’s so often targeted,” he says. “However, I’m really a one-man IT department — as many IT departments for jan/san distributors are — and changing would mean me reconfiguring the entire operating system that Coastwide runs on. It would take a lot of time and effort that I don’t really have right now.”
Although many IT directors are considering alternatives to Microsoft, they should know that the software giant is working overtime to nullify worms and viruses as soon as they appear. “They’re really fighting back,” says King. “With each new worm and virus that comes out, the anti-virus companies, firewall companies and Microsoft itself have all gotten excellent at patching and fixing any holes.”
Those holes, explains King, are the vulnerabilities that give worms open access to a user’s data — private or not — that resides in a computer’s operating system. “The worms that came out six months to 12 months ago found the easy holes [in Microsoft’s programming],” he says. “Microsoft made patches for those holes, but now there are worms that are finding the more difficult holes.”
“Right now, Windows XP is a great operating system, except that it has a lot of vulnerabilities,” says Weber. “Supposedly, the patch that Microsoft has developed for Windows XP, called Service Pack 2, will do a lot more in the way of protection.”
Microsoft’s website for IT directors claims that Service Pack 2 (SP2) can “better defend against viruses, worms, and hackers.” The new patch might protect computers better than the old one, but IT directors hope that it will protect much better.
Secure Your Security
In order to protect their information systems from Internet worms, distributors need to do two things. First, they need to install virus protection. King recommends Norton or McAfee antivirus programs. Second, distributors should invest in a quality firewall that will protect worms from entering a company’s Internet server.
“You can just go down to Staples or some other computer store and purchase a firewall, but there are different variations in the quality of protection,” says King. “A company owner should really hire an IT person to put in a firewall correctly — someone who is familiar with networks and installations.”
In terms of preventing worms and other viruses, Weber does not allow Coastwide employees to use file sharing or Instant Messaging, something that has become popular for many businesses. “We don’t allow them to use any kind of Kazaa file sharing, for example,” he says. “File sharing and Instant Messaging are becoming the fastest ways to spread computer viruses.”
In terms of non-worm viruses, employees also need to be wary of strange or unfamiliar attachments that appear in e-mails. Often, these e-mails come from an e-mail address that is familiar to the user, but parts of the e-mail look unusual. “The worms and viruses that access computer address books are getting smarter,” says King. “If I get an e-mail from someone, and that e-mail has a virus, the chances are that I don’t know the person who sent it to me. What happens most often is the person who sends it to me knows someone that I know. Both of us are in that person’s address book, and the virus sends ‘carrier’ e-mails to everyone who is in the address book.”
Almost all antivirus programs are capable of scanning the Internet on a regular basis — some do it every day, while others do it every minute — to find any new protections for worms and viruses that have recently been discovered.
“There’s some ugly stuff out there,” says Weber. “They keep producing more ways to hack into a computer, but the antivirus companies never stop working either.”
Microsoft-Watch Keeps An Eye Out
With so many companies using Microsoft applications to help their businesses run smoothly, company owners and IT directors need to know the newest developments (and the newest problems) for their operating systems.
The first place to go for independent Microsoft news and commentary is MicrosoftWatch. MicrosoftWatch offers analysis of program flaws, user problems, security concerns, and — most of all — worthy solutions.
Computerworld Caters to Business
So you don’t know a lot about computers, but you need to for business. Even in this era of sound bites and information superhighways, you’re not alone.
If you’re looking to make a purchase (be it a laptop, PC or even a server), do some research or plan for the future, Computerworld is a good place to start. Regular polls and daily news updates will keep you abreast of what’s going on in the world of computers. You can also brush up on topics like security, data management, mobile technology, government regulations and networking.
Whether you’re a computer expert, a novice or an inexperienced beginner, Computerworld can provide the information you need to help you make smart choices for your business.
Current Contractor News on CLEANLINK
Building service contractors (BSCs) make up a significant customer segment for distributors, and CLEANLINK has the latest news and analysis of the BSC industry in the online version of Contracting Profits magazine.
Disclaimer: Please note that Facebook comments are posted through Facebook and cannot be approved, edited or declined by CleanLink.com. The opinions expressed in Facebook comments do not necessarily reflect those of CleanLink.com or its staff. To find out more about Facebook commenting please read the Conversation Guidelines.