HOME
| UTORprotect |
DOCUMENTATION
|
AMS/ROSI
|
SERVICES
|
CONTACT
UTORprotect
Endpoint Security Policy System
Firewalls
Malicious Code
Network Security Policy
Open-Source Firewall
Password Usage Guidelines
Phishing 
Security Incident Reporting
Spam
Spyware 
Symantec Anti-Virus
Windows Security Maintenance
Windows Incident Response
Windows Security

Malicious Code

Malicious programs, often referred to as "Malware" includes computer Viruses, Worms, Trojans, Spyware, and other programs written specifically to spy on network traffic, record private communications, execute unauthorized commands, steal and distribute private and confidential information, disable computers, erase files, etc., etc.

Some programs, such as Kaza, Napster, and others, although not intended to compromise computers, expose computers they are installed on to attacks from hackers. This section addresses the various types of malicious programs.

Viruses

The threat of virus infections has increased dramatically in the past three to four years. Before the advent of e-mail attached viruses, virus were spread through exchange of infected media and this limited the potential damage that a virus could result in. When e-mail borne viruses appeared on the scene, the threat increased considerably. The sophistication of virus code has also contributed to the problem, as has the popularity of the Internet. Now viruses spread much faster and can potentially cause more damage than in the past. In the past, a virus infection could result in loss on data on the infected computer and the inconvenience created by corrupted software on the infected machines. New forms of virus code have added the threat of loss of confidential information and individual privacy.

Computer users are well advised to protect their computers from the threat of virus infections. Many organizations now require that their users use virus detection programs. The University, through its program that makes virus software available at no cost to the University community has made virus protection a de facto requirement for all users connected to University networks, whether on campus or off campus. Users who fail to protect their computers may be prevented from accessing University networks and services available through those networks.

What Can Viruses Do?

The possibilities are almost limitless, but viruses can: erase data on your computer; encrypt files; delete directory structures; prohibit you from using your computer; send files stored on your computer to contacts in your address book without your knowledge; and much more.

How Does Anti-Virus Software Work?

The anti-virus program contains a database of virus signatures (strings of code that identify a virus program, much like a fingerprint). These signatures are utilized by the anti-virus software to identify files that may contain a virus. When the anti-virus program searches for viruses, it lets you know when it finds a match. The anti-virus program can look for viruses in files that you open, copy, save, or modify. It can also block harmful files that you unknowingly download from the Internet and can scan your email attachments before they are downloaded on your computer.

Worms

A worm is a self-replicating virus that does not alter files but resides in active memory and duplicates itself. Worms use parts of an operating system that are automatic and usually invisible to the user. It is common for worms to be noticed only when their uncontrolled replication consumes system resources, slowing or halting other tasks.

Trojans

A Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. In one celebrated case, a Trojan horse was a program that was supposed to find and destroy computer viruses. A Trojan horse may be widely redistributed as part of a computer virus.

Spyware

Spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties. Spyware can get in a computer as a software virus or as the result of installing a new program. Data collecting programs that are installed with the user's knowledge are not, properly speaking, spyware, if the user fully understands what data is being collected and with whom it is being shared.

Best Practices

  • Install a copy of the Symantec anti-virus program on your computers and make sure that the software is always up to date.
  • Make sure that your anti-virus software is always running and that it is set up to automatically start up when the computer is rebooted.
  • Before clicking on any e-mail attachment, make sure that the attachment is something you were expecting - do not blindly click on any attachment. Scan for viruses before opening the attachments even if you know the source.
  • Before using media given to you by someone else, scan it for virus infections. Viruses can be transmitted on all readable media including diskettes, CDs, USB memory cards, and other types of memory media such as SmartMedia.
  • Scan all files you receive as e-mail attachments before opening them.
  • Configure you anti-virus program for maximum protection.
  • As a general rule, you should only download files from trusted sites.
  • Back up important files regularly.
  • Password-protect shared directories.
  • Make sure that your Operating System and any software you use is up-to-date. Install patches made available from vendors of your software.
  • If you receive an e-mail about a virus from a friend or colleague, do not forward it to anyone. More often than not, these messages turn out to be a virus hoax. These virus hoaxes cause a lot of unnecessary use of resources when users blindly forward such messages to all their friends and colleagues.
©2011 - University of Toronto Information + Technology Services. All Rights Reserved.