Методичка по английскому языку для ИТС (пр. С.С.Иванов)

Module 4. Information security

Unit 1. Computer Viruses. Etimology. History

Read the following words correctly and guess their meaning:

encyclopedia, virus, liological, equivalent, to classify, anti-virus, type, technical, academic, publication, vaccine, to publish, to operate, pirated copy, regularly, to infect, popularly, unique, detection, academically, to demonstrate

Read and translate the following word combinations:

biological equivalent, anti-virus program, types of attack, technical communities, academic publication, removable media, traditional computer virus, infected programs, personal computer, unique problem

Read the text trying to find adjectives with which the term ―virus‖ is used.

Give their Russian equivalents

Computer virus

From Wikipedia, ―The Free Encyclopedia‖

Etymology

The word virus is derived from and used in the same sense as the biological equivalent. The term ―virus‖ is often used in common parlance to describe all kinds of malware (malicious software), including those that are more properly classified as worms or Trojans. Most popular anti-virus software packages defend against all of these types of attack. In some technical communities, the term ―virus‖ is also extended to include the authors of malware, in an insulting sense. The English plural of ―virus‖ is ―viruses‖. Some people use ―virus‖ or ―viruses‖ as a plural, but this is rare.

The term ―virus‖ was first used in an academic publication by Fred Cohen in his 1984 paper Experiments with Computer Viruses, where he credits Len Adleman with coining it. However, a 1972 science fiction novel by David

Gerrold ―When H.A.R.LI.E. Was One‖ includes a description of a fictional computer program called ―VIRUS‖ that worked just like a virus (and was countered by a program called ―VACCINE‖). The term ―computer virus‖ with current usage also appears in the comic book ―Uncanny X-Men #158‖, written by Chris Claremont and published in 1982. Therefore, although Cohen's use of

―virus‖ may, perhaps, have been the first ―academic‖ use, the term had been used earlier.

190

History

A program called ―Elk Cloner‖ is credited with being the first computer virus to appear ―in the wild‖ – that is, outside the single computer or lab where it was created. Written in 1982 by Richard Skrenta, it attached itself to the Apple DOS 3.3 operating system and spread by floppy disk. This virus was originally a joke, created by the high school student and put onto a game. The disk could only be used 49 times. The game was set to play, but release the virus on the 50th time of starting the game. Only this time, instead of playing the game, it would change to a blank screen that read a poem about the virus named Elk Cloner. The poem that showed up on the screen is as follows: ―It will get on all your disks. It will infiltrate your chips. Yes it's Cloner! It will stick to you like glue. It will modify RAM too. Send in the Cloner!‖ The computer would then be infected.

The first PC virus was a boot sector virus called (c)Bram, created in 1986 by two brothers, Basit and Amjad Farooq Alvi, operating out of Lahore, Pakistan. The brothers reportedly created the virus to deter pirated copies of software they had written. However, analysts have claimed that the Ashar virus, a variant of Brain, possibly predated it based on code within the virus.

Before computer networks became widespread, most viruses spread on removable media, particularly floppy disks. In the early days of the personal computer, many users regularly exchanged information and programs on floppies. Some viruses spread by infecting programs stored on these disks, while others installed themselves into the disk boot sector, ensuring that they would be run when the user booted the computer from the disk.

Traditional computer viruses emerged in the 1980s, driven by the spread of personal computers and the resultant increase in BBS and modem use, and software sharing. Bulletin board driven software sharing contributed directly to the spread of Trojan horse programs and viruses were written to infect popularly traded software. Shareware and bootleg software were equally common vectors for viruses on BBS's. Within the ―pirate scene‖ of hobbyists trading illicit copies of retail software, traders in a hurry to obtain the latest applications and games were easy targets for viruses.

Since the mid-1990s, macro viruses have become common. Most of these viruses are written in the scripting languages for Microsoft programs such as Word and Excel. These viruses spread in Microsoft Office by infecting documents and spreadsheets. Since Word and Excel were also available for Mac OS, most of these viruses were able to spread on Macintosh computers as well. Most of these viruses did not have the ability to send infected e-mail.

191

Those viruses which did spread through e-mail took advantage of the Microsoft Outlook COM interface.

Macro viruses pose unique problems for detection software. For example, some versions of Microsoft Word allowed macros to replicate themselves with additional blank lines. The virus behaved identically but would be misidentified as a new virus. In another example, if two macro viruses simultaneously infect a document, the combination of the two, if also self-replicating, can appear as a

―mating‖ of the two and would likely be detected as a virus unique from the ―parents‖.

A virus may also send a web address link as an instant message to all the contacts on an infected machine. If the recipient, thinking the link is from a friend (a trusted source) follows the link to the website, the virus hosted at the site may be able to infect this new computer and continue propagating.

The newest species of the virus family is the cross-site scripting virus. The virus emerged from research and was academically demonstrated in 2005. This virus utilizes cross-site scripting vulnerabilities to propagate. Since 2005 there have been multiple instances of the cross-site scripting viruses in the wild, most notable sites affected have been MySpace and Yahoo.

Match column A with column B

Make a list of ESP words and phrases (10) plus to above mentioned which you find useful, read them correctly and learn them.

Comment on the following:

Fred Cohen, David Gerrold, Chris Claremont, Elk Cloner, Richard Skrenta, Basit and Amjad Farooq Alvi, Trojan, Word and Excel, Macintosh, My Space, Yahoo

Give summary of the text.

Unit 2. What is a computer virus?

Read the following words correctly and guess their meaning:

to design, to implant, to generate, specific, function, technically, symptom, to identify, percentage, specifically, to compress, destructive

Read and translate the following word combination:

technical terms, program code, specific purpose, executable file, to spread systematically, virus payload, incorrect information, directory information, system area, to launch a program specifically, write-protected disks, to infect software, to locate the documents, to program

Read the text and write out words and word combinations which point out the harmful role of computer viruses. Give their Russian equivalents (10)

What is a computer virus?

A virus is a piece of software designed and written to adversely affect your computer by altering the way it works without your knowledge or permission. In more technical terms, a virus is a segment of program code that implants itself to one of your executable files and spreads systematically from one file to another. Computer viruses do not spontaneously generate: they must be written and have a specific purpose. Usually a virus has two distinct functions:

Spreads itself from one file to another without your input or knowledge. Technically, this is known as self-replication and propagation.

Implements the symptom or damage planned by the perpetrator. This could include erasing a disk, corrupting your programs or just creating havoc on

193

your computer. Technically, this is known as the virus payload, which can be benign or malignant at the whim of the virus creator.

A benign virus is one that is designed to do no real damage to your computer. For example, a virus that conceals itself until some predetermined date or time and then does nothing more than display some sort of message is considered benign.

A malignant virus is one that attempts to inflict malicious damage to your computer, although the damage may not be intentional. There are a significant number of viruses that cause damage due to poor programming and outright bugs in the viral code. A malicious virus might alter one or more of your programs so that it does not work, as it should. The infected program might terminate abnormally, write incorrect information into your documents. Or, the virus might alter the directory information on one of your system area. This might prevent the partition from mounting, or you might not be able to launch one or more programs, or programs might not be able to locate the documents you want to open.

Some of the viruses identified are benign; however, a high percentage of them are very malignant. Some of the more malignant viruses will erase your entire hard disk, or delete files.

What Viruses Do

Some viruses are programmed specifically to damage the data on your computer by corrupting programs, deleting files, or erasing your entire hard disk. Many of the currently known Macintosh viruses are not designed to do any damage. However, because of bugs (programming errors) within the virus, an infected system may behave erratically.

What Viruses Don't Do

Computer viruses don't infect files on write-protected disks and don't infect documents, except in the case of Word macro viruses, which infect only documents and templates written in Word 6.0 or higher. They don't infect compressed files either. However, applications within a compressed file could have been infected before they were compressed. Viruses also don't infect computer hardware, such as monitors or computer chips, they only infect software.

In addition, Macintosh viruses don't infect DOS-based computer software and vice versa. For example, the infamous Michelangelo virus does not infect Macintosh applications. Again, exceptions to this rule are the Word and Excel

194

macro viruses, which infect spreadsheets, documents and templates, which can be opened by either Windows or Macintosh computers.

Finally, viruses don't necessarily let you know that they are there - even

Learn the definition of a computer virus

Fill out the table and learn it

What viruses are capable of

doing

Can you add anything to the table? Do it, please!

195

Unit 3. Types of computer viruses (I)

Read the following words correctly and guess their meaning:

type, constantly, to classify, basic, system, infected, command, primitive, parasitic, companion, double, multi-combination, effective, to demonstrate, concept, to transport, documents, action, classification, method

Read and translate the following word combinations:

file infector, uninfected programs, overwriting virus, a double file, to be listed, boot sector, to grow steadily, effective virus, development package, nuclear virus, to perform various actions, user‘s installation, to support execution, hard for catching

Read the text and write out adjectives used with the word ―virus‖.

Translate and learn them.

Types of Computer Viruses

Nowadays the number of viruses is about 55000. It increases constantly. New unknown types of viruses appear. To classify them becomes more and more difficult. In common they can be divided by three basic signs: a place of situating, used operation system and work algorithms. For example, according to these three classifications virus Chernobyl can be classified as a file infector and a resident Windows virus. Further it will be explained what it means.

File infectors

These are viruses that attach themselves to (or replace) .COM and .EXE files, although in some cases they can infect files with extensions SYS, DRV, BIN, OVL and OVY. With this type of virus, uninfected programs usually become infected when they are executed with the virus in memory. In other cases they are infected when they are opened (such as using the DOS DIR command) or the virus simply infects all of the files in the directory (a direct infector).

There are three groups of file infectors.

Viruses of the first group are called overwriting viruses because they overwrite their code into infected file erasing contents. But these viruses are primitive and they can be found very quickly.

Other group is called parasitic or cavity viruses. Infected file is capable of work fully or partly but contents of last one are changed. Viruses can copy itself

196

into begin, middle or end of a file. They record their code in data known not to be used.

Third group is called companion viruses. They don't change files. They make double of infected file so when infected file is being started a double file becomes managing, it means virus. For example, companion viruses working with DOS use that DOS firstly runs COM. file and after if this file is not found runs EXE. file. Viruses make double file with a same name and with extension COM and copies itself in this file. During start of infected file DOS runs a COM. file with a virus firstly and then a virus starts an EXE. file.

Multi-partite Viruses

Multi-partite viruses are a combination of the viruses listed above. They will infect both files and MBRs or both files and boot sectors. These types of viruses are currently rare, but the number of cases is growing steadily.

Macro Viruses

Until recently, the macro languages included with most applications were not powerful or robust enough to support writing an effective virus. However, many of the more advanced applications that are being developed today include built-in programming capabilities that rival some of the larger development packages. This has recently been demonstrated by the various strains of Microsoft Word viruses, including the so-called Word Concept and Word Nuclear viruses. These viruses transport themselves through Microsoft Word documents. When opened in Word, they perform various actions, including spreading themselves into the user's installation of Word, thus preparing to infect all future documents on the system. An additional concern is that macro viruses can be cross-platform. The Word Concept virus has the claim to fame of being the first prominent cross-platform virus, because it can infect both Windows and Macintosh systems.

Because most application macro languages support passing execution to an external shell, such as CQMMAND.COM or CMD.EXE, the power of the macro virus is not limited to the constraints of the macro language itself.

Used operation system

Any computer or net virus can infect files of one or more operation systems: DOS, Windows, OS/2, Linux, MacOS and others, it is a base of this way of classification. For example, virus BOZA working with Windows only is classified as Windows virus, virus BLISS – as Linux virus.

Work algorithms

197

Viruses can be differed by used algorithms making them dangerous and hard for catching.

Firstly viruses can be divided on resident and nonresident.

Resident virus having come in operation memory of computer doesn't infect memory. They are capable of copying when they are started only. We can call any macro virus resident. They are present in memory during application.

Second viruses are visible and invisible. To be invisible means that users and anti-virus programs can't notice changes of infected file done by virus Invisible virus catches all requires of operation system to read file and to record in file and shows uninfected version of file. So we can see only 'clear' programs during virus works. One of first invisible file infectors was FRODO and boot infector – BRAIN.

Almost any virus uses methods of self-coding or polymorphism to escape antivirus programs. It means that it can change itself. Changing itself helps virus to be able to work.

Match column A with column B

Read and translate in writing the passage under the headline ―File Infectors‖

198

Learn the definition of every group of viruses. Make a presentation

Unit 4. Types of computer viruses (II)

Read the following words correctly and guess their meaning:

system, to program, audio, to operate, personal, regularly, microvirus, Microsoft, logic bomb, internationally, specified, to contain, technique, to attack, specific, to activate automatically

Read and translate the following word combination:

uninfected computer, network file system, to damage a program, to delete files, to reformat hard disk, legitimate program, data loss, system crush, specified conditions, host system, civilised programmed threat, anti-virus software, anti-spyware

Read the text and write out sentences underlining the difference between different types of viruses. Translate them in writing

Types of Computer viruses

A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user. A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or the Internet, or by carrying it on a removable medium such as a floppy disk, CD, or USB drive. Additionally, viruses can spread to other computers by infecting files on a network file system or a file system that is accessed by another computer.

Most personal computers are now connected to the Internet, facilitating the spread of malicious code. Today's viruses may also take advantage of network services such as the World Wide Web, e-mail to spread.

Some viruses are programmed to damage the computer by damaging programs, deleting files, or reformatting the hard disk. Others are not designed to do any damage, but simply replicate themselves and perhaps make their presence known by presenting text, video, or audio messages. Even these benign viruses can create problems for the computer user. They typically take up computer memory used by legitimate programs. As a result, they often cause erratic behavior and can result in data loss and system crashes.

The Creeper virus was first detected on ARPANET, the forerunner of the Internet in the early 1970s. It propagated via the TENEX operating system. It would display the message ―I'M THE CREEPER: CATCH ME IF YOU CAN.‖

199