Computer viruses and defenses against them

Protection against computer viruses is a subject in its own right, covered by many books, textbooks and teaching aids. They examine the problem from different points of view and set out a variety of approaches to solving it.

Modern computer networks built from personal computers face a great danger from cybercriminals with considerable professional skill. To see how serious their activities are, it is enough to look at the relevant statistics published on the Internet (for network worms, for example).

Such malicious actions cause significant damage to computer owners. Most of the losses come from interrupted information processing, downtime of user terminals and the cost of restoring corrupted data. Moreover, recovery is sometimes the most expensive procedure. The danger is compounded by the fact that the attackers have at their disposal modern means of exchanging information, such as the global Internet.

Sources of computer viruses

Often, disgruntled or disloyal employees with access to computer tools become intruders. The damage they can cause may be especially great because they are thoroughly familiar with the protection system of the network and are well aware of the value of particular data.

Having penetrated a computer system, an attacker places a Trojan horse program in it that modifies the login software, or the software that controls data exchange with the network, in order to capture the passwords of users and system administrators. Penetration is often achieved by supplying the default entry point names and passwords mentioned in the system description, or by exploiting known errors in security features. If the errors have been fixed, attackers often manage to guess the password. Password guessing is made more efficient by decryption programs, which can readily be found in certain sections of the Internet.

Computer-assisted crime appears safe to offenders because it:

  • leaves almost no material evidence;
  • does not require direct contact between the offender and the victim;
  • is carried out quickly (given the necessary preliminary preparation);
  • requires the use of sophisticated technical tools to collect circumstantial evidence and proof of guilt.

It should be noted that fairly clear legal norms have already been developed that define these crimes and the liability for them.

There is no single comprehensive model of behavior in computer crime. Previously, many intrusions were carried out by attackers who felt the need to solve what they saw as an intellectual task or puzzle that challenged their abilities. Now intrusions are most often financially motivated, i.e., carried out to order. As a result, they have become more serious both in their consequences and in the arsenal of tools used.

Malicious actions using computer tools are now carried out not so much by loners as by groups and communities.

This makes it even harder to counter these destructive processes in information systems, and it forces information security specialists to mobilize and cooperate even more closely in order to succeed.

When the computer is operating offline, the sources of a computer virus can be outside software media: external storage media, or shared use of the same computer with an intruder. The virus enters the computer either accidentally or through deliberate action. Failure to keep track of external media, to store them in an orderly way and to check them before use can lead to deliberate substitution of “infected” media.

A virus can also enter a computer network via communication channels along with a message received by an intruding user who either has legal access or has connected to the network illegally.