What is a Virus?
A virus is a program that is able to replicate, that is create (possibly modified) copies of itself. Like biological viruses, computer viruses can spread quickly and are often difficult to eradicate. They can attach themselves to just about any type of file and are spread as files that are copied and sent from individual to individual. The replication is intentional, not just a side-effect.
Several years ago, most viruses spread primarily via floppy disk, but the internet has introduced new virus distribution mechanisms. With email now used as an essential business communication tool, virus are spreading faster than ever. Viruses attached to email messages can infect an entire enterprise in a matter of minutes, costing companies millionsof dollars annually in lost productivity and clean-up expenses.
More than 60,000 viruses have been identified, and 400 new ones are created every month, according to the International Computer Security Association (ICSA).
Life Cycle of a Virus:
The life cycle of a virus begins when it is created and ends when it is completely eradicated. A virus has to attach itself to a "host", in the sense that execution of the host implies execution of the virus. The following outline describes each stage of its life cycle.
Creation : Until recently, creating a virus required some knowledge of the computer programming languages. Today anyone with basic programming knowledge can create a virus. Typically, individuals who wish to cause widespread, random damage to systems create viruses. A virus may be modified, either by the original author or someone else, so that a more harmful version of it appears.
Replication : Viruses typically replicate for a long period of time before they activate, allowing plenty of time to spread.
Activation : Viruses with damage routines will activate when certain conditions are met, for example, on a certain date or when the infected user performs a particular action. Viruses without damage routines do not activate, instead causing damage by stealing storage space.
Discovery : When a virus is detected and isolated, it is sent to the anti-virus software developers. Discovery normally takes place atleast one year before the virus might have become a threat to the computing community.
Assimilation : At this point, anti-virus software developers modify their software so that it can detect the new virus.
Eradication : If enough users install up-to-date virus protection software, any virus can be wiped out. So far no viruses have disappeared completely, but some have long ceased to be a major threat.
Some Other Terminologies:
Trojan : A Trojan is a program that pretends to do something useful or interesting, but when it is run, it may have some harmful effect, like scrambling the FAT (File Allocation Table), formatting the hard disk or releasing a virus. The main difference between a Trojan and a virus is the inability to replicate. Trojans cause damage, unexpected system behavior, and compromise the security of systems, but do not replicate. If it replicates, then it should be classified as a virus.
Malware : Short for malicious software - refers to any malicious or unexpected program or code such as viruses, Trojans, and droppers. not all malicious programs or codes are viruses.
Worms : Unlike viruses, worms do not require a host.
Boot Sector Viruses : This virus infects boot sectors on diskettes and / or hard disks. It replaces the original boot sector with itself and stores the original boot sector somewhere else.