Computer Viruses
In the past decade, computer and networking technology has seen enormous growth.

This growth however, has not come without a price. With the advent of the
"Information Highway", as itís coined, a new methodology in crime
has been created. Electronic crime has been responsible for some of the most
financially devastating victimizations in society. In the recent past, society
has seen malicious editing of the Justice Department web page (1), unauthorized
access into classified government computer files, phone card and credit card
fraud, and electronic embezzlement. All these crimes are committed in the name
of "free speech." These new breed of criminals claim that information
should not be suppressed or protected and that the crimes they commit are really
not crimes at all. What they choose to deny is that the nature of their actions
are slowly consuming the fabric of our countryís moral and ethical trust in
the information age. Federal law enforcement agencies, as well as commercial
computer companies, have been scrambling around in an attempt to
"educate" the public on how to prevent computer crime from happening
to them. They inform us whenever there is an attack, provide us with mostly
ineffective anti-virus software, and we are left feeling isolated and
vulnerable. I do not feel that this defensive posture is effective because it is
not pro-active. Society is still being attacked by highly skilled computer
criminals of which we know very little about them, their motives, and their
tools of the trade. Therefore, to be effective in defense, we must understand
how these attacks take place from a technical stand-point. To some degree, we
must learn to become a computer criminal. Then we will be in a better position
to defend against these victimizations that affect us on both the financial and
emotional level. In this paper, we will explore these areas of which we know so
little, and will also see that computers are really extensions of people. An
attack on a computerís vulnerabilities are really an attack on peoplesí
vulnerabilities. Today, computer systems are under attack from a multitude of
sources. These range from malicious code, such as viruses and worms, to human
threats, such as hackers and phone "phreaks." These attacks target
different characteristics of a system. This leads to the possibility that a
particular system is more susceptible to certain kinds of attacks. Malicious
code, such as viruses and worms, attack a system in one of two ways, either
internally or externally. Traditionally, the virus has been an internal threat
(an attack from within the company), while the worm, to a large extent, has been
a threat from an external source (a person attacking from the outside via modem
or connecting network). Human threats are perpetrated by individuals or groups
of individuals that attempt to penetrate systems through computer networks,
public switched telephone networks or other sources. These attacks generally
target known security vulnerabilities of systems. Many of these vulnerabilities
are simply due to configuration errors. Malicious Code Viruses and worms are
related classes of malicious code; as a result they are often confused. Both
share the primary objective of replication. However, they are distinctly
different with respect to the techniques they use and their host system
requirements. This distinction is due to the disjoint sets of host systems they
attack. Viruses have been almost exclusively restricted to personal computers,
while worms have attacked only multi-user systems. A careful examination of the
histories of viruses and worms can highlight the differences and similarities
between these classes of malicious code. The characteristics shown by these
histories can be used to explain the differences between the environments in
which they are found. Viruses and worms have very different functional
requirements; currently no class of systems simultaneously meets the needs of
both. A review of the development of personal computers and multi-tasking
workstations will show that the gap in functionality between these classes of
systems is narrowing rapidly. In the future, a single system may meet all of the
requirements necessary to support both worms and viruses. This implies that
worms and viruses may begin to appear in new classes of systems. A knowledge of
the histories of viruses and worms may make it possible to predict how malicious
code will cause problems in the future. Basic Definitions To provide a basis for
further discussion, the following definitions will be used throughout the
report; Trojan Horse - a program which performs a useful function, but also
performs an unexpected action as well; Virus - a code segment which replicates
by attaching copies to existing executables; Worm - a program which replicates
itself and causes execution of the new