A Case Study On Computer Viruses Information Technology Essay
In this project we have been asked to consider and discuss the different aspects of the above statement. We have been asked to create a case study of an organization to help with our case, and we have chosen to look at North Lanarkshire Council. The case study will be a report based on 2 interviews and a short look at the council, its history and the services it offers. There will also be a critical review arguing the rights and wrongs of the statement and finally a conclusion in which we will give a brief summary of what we have discovered during the report.
Before we can begin to discuss the statement, we should take a quick look at exactly what a computer virus and phishing are and also take a quick look at their history.
The computer virus was so named because it has similar properties to a human virus: it can pass from computer to computer and it needs a host to survive.
The first viruses were created during the 1980s, although there were programs that worked on the same principle created maybe as early as the late 1960s. The first program of this type to appear on a computer other than the one it was written for was called Elk Cloner. It was written by Rich Skrenta in 1982 and, surprisingly, was written to attack the Apple operating system, whereas today viruses are very rarely written with Apple in mind. The most common virus of that period was written to infect PCs; it was called the Brain and was written by two brothers, Basit and Amjad Farooq Alvi, in 1986. Both these viruses were spread by floppy disks, and since then the virus concept has grown and become more sophisticated.
(antiviruswear.com, 2010)
There are 3 main types of common virus today:
Worms
Trojan Horse
Email Virus
A worm uses security flaws and computer networks to replicate itself. Worms can be very complex programs and, once on an infected machine, will search for other flaws to exploit.
A Trojan Horse is named after the famous wooden horse in Homer’s Iliad. The virus disguises itself as another file, e.g. a sound file with a .wav extension, and once on the host computer does not reproduce but makes the host computer susceptible to attack by third parties by opening ports. It can be a major threat to the user’s personal data.
An email virus, once opened on an infected machine, will send copies of itself to everyone on the email client’s contacts list. The payload can also include Worms and Trojan Horses.
(spamlaws.com, 2009)
The term Phishing appears to have been first coined in 1996 and was applied to hackers who were stealing AOL passwords. It is now a broader term applied to a form of social engineering where the angler (phisher) throws a hook, for example by sending a spam email pretending to be from the recipient’s bank, stating there has been a breach of security and asking the customer to enter their password and user name on a website linked from the email. This website may look like the person’s online banking website but is a fake set up to steal user names and passwords, allowing the phishers to gain access to the person’s bank account details and transfer monies to other accounts.
(allspammedup)
Review
For-end user protection
Software-Every user should have security software installed on their computer. The software will help protect your computer from viruses, worms and other harmful programs. You should scan your computer on a regular basis and also update your operating system.
anti virus
anti spyware
anti malware
firewall
botnet
Antivirus – You must update regularly to be protected against the latest threats. A computer virus is a computer program written with the intent of copying itself and contaminating a computer. Viruses can boost their chances of spreading to other computers by infecting files on a group of networks or a file structure that is accessed by another computer. You need antivirus software to prevent, detect and remove viruses from your computer. There are quite a lot of different types of viruses, like worms and Trojan horses. “Millions of computer users suffered billion of dollars in losses from real attack experienced over the internet. Most of the damages were caused by fast moving computer viruses and worms that travelled by email” (Simson, 2002)
Antispyware- Spyware is a sort of malware that can be set up on computers to gather small pieces of information over time while the user has no awareness that it is there. The existence of spyware is usually concealed from the consumer, and it can be hard to notice. Normally, spyware is secretly installed on the consumer’s own computer. Now and then spyware, such as a key logger, is installed by the vendor of a shared, company, or public computer with the intention of secretly watching other users.
Anti malware- A computer worm is a self-reproducing malware computer program. It makes a computer network send duplicates of itself to computers that are on the same network, and it will do so with no user intervention. This is due to weak security on the computer.
Firewall-A firewall prevents unauthorized access to or from a network. Firewalls can be implemented in both hardware and software, and they prevent unauthorized internet users from accessing a private network. All messages leaving the intranet pass through the firewall.
Botnet- Once a single machine inside a network has become part of the botnet, it will put other computers on the same network at risk. The infected computer is able to read emails and email addresses, copy files, record keystrokes, send spam and capture screen shots.
Phishing- You could be sent an e-mail falsely claiming to be from a recognized, genuine company in an attempt to scam you into giving away private information that will then be used for identity theft. The email will guide you to visit a web site where you are asked to input personal information, such as your credit card details, passwords and bank account numbers. The website is a phony website and is only set up to steal the user’s information.
Access- It is up to the end user whether they want people accessing their data, so their privacy is in their hands; it is up to the user who they allow access to their computer. They should only allow access to people they trust to protect any personal information that is received or collected on the computer. Your personal information is under your control and your privacy is your property, so be aware of what information you store on your computer. Naivety is not an excuse; attackers will take advantage of a computer’s vulnerability. Legitimate companies will not ask for personal information in an email. Hardware like your router uses password protection to constantly secure your wireless connection and will only allow named computers that you know access to the network.
Awareness-Every user should be aware of the threats that are out there and what they can do. They should be aware of the different types of viruses and spyware, of what phishing is and of what is at stake: your privacy, time, money and your computer. Credit card fraud is on the increase, and identity theft also. Your children are exposed to pornographic material and can be targeted by pedophiles. You also need to be aware when shopping with your credit card: “most magstripe cards conform to ISO standard that the card contains three tracks of data referred to as track 1,2,3 the majority of magstripe cards contains no security measures to protect the data stored on the card” (Stuart, 2009)
Education-Most people are not aware of the need to install software to stop viruses. They have never been taught that a computer needs to be maintained, and they do not know about viruses and worms or the damage they can cause. You would not leave your home without locking your door, so why leave a personal computer without protecting it? New users and children should be educated before being allowed access to a computer. Naivety is a weapon used by malware and phishers, and children and teens are targeted. Parents should take steps as well; there are parental controls that will help block websites and file downloads. “Computer virus traps over 2,000 tourists on Russia-chinese border Over 2,000 Russian tourists were stranded in the Chinese town of Heihe on the Russian-Chinese border after a computer virus paralyzed the border’s electronic pass entry system” (Alexey, 2010)
Internet service providers are facing an ever increasing amount of pressure to make sure their networks are virus and phishing free. Not only would this be advantageous to their customers, it would also be very beneficial for the internet in general.
Against-end user protection
With the escalation of zombie-fed threats like phishing, securing consumers’ PCs should no longer be down to the users themselves; in this day and age the internet service providers should be protecting the Internet traffic they are providing. ISPs should be taking more responsibility to monitor more closely what is passing through their networks.
A zombie computer is a PC that has been secretly hacked. This allows an outside person to control the computer with the intention to infect, copy, corrupt and erase the hard drive. The hacker can then install tools that will store everything that is typed into the PC, including passwords, usernames, and credit card and bank account details. Once this information is in the hands of the hackers it can be used for identity theft or committing fraud, or sold on to the highest bidder.
There has been a huge rise in cases that involve malicious code, also referred to as bot code, that infects computers and turns them into zombies. From April to June this year the number of reported cases has quadrupled to 13000.
ISPs have been doing some things to combat the threats of bot code, such as providing customers with online help on how to keep their PCs secure, and some apply spam and virus filters for email, as bot code is quite often spread through instant message worms, email and Trojans hidden in spam. The ISPs should, however, be offering greater protection against these infestations than just trying to control the threats from e-mail.
Getting filtering to work effectively and properly takes a vast amount of time, patience, resources and money. Because the people writing the malware constantly get better, it is a never ending struggle to keep pace with them so that filtering works.
Some Internet service providers are using a technique called “port 25 blocking” to halt zombie computers that connect through their network and send out junk emails. This allows only email that comes from the ISP’s own server to be sent out, which helps eliminate spam that originates from another server.
But those steps don’t appear to be enough to tackle the threat of zombies, according to some experts. “To take down zombies, ISPs should monitor their networks closer for traffic generated by the compromised PCs”, said Dmitri Alperovitch, research engineer at CipherTrust, a security vendor in Alpharetta, USA. “ISPs allow these machines to communicate with the rest of the world. They have the power to do a lot about the zombie threat, and they should be doing a lot about it” Alperovitch said. “A start for Internet companies would be for them to participate more actively in security groups and to use data on zombies collected by third-party security companies such as CipherTrust”, he said.
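The port 25 blocking rule and the closer monitoring of subscriber traffic described above can be shown together in a short script. This is an added example, not part of the original essay; the address ranges, the relay address, the flow-record format and the threshold are assumptions chosen for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumed values for illustration only (documentation address ranges).
SUBSCRIBER_NET = ipaddress.ip_network("198.51.100.0/24")   # ISP customers
ISP_MAIL_RELAYS = {ipaddress.ip_address("192.0.2.25")}     # ISP's own mail server
SMTP_PORT = 25
ZOMBIE_THRESHOLD = 3  # distinct outside mail servers before a host is flagged

# Constructed flow records, one per line: "src_ip dst_ip dst_port".
SAMPLE_FLOWS = """\
198.51.100.10 192.0.2.25 25
198.51.100.10 203.0.113.80 443
198.51.100.77 203.0.113.5 25
198.51.100.77 203.0.113.6 25
198.51.100.77 203.0.113.7 25
198.51.100.77 203.0.113.8 25
198.51.100.42 203.0.113.5 25
198.51.100.42 192.0.2.25 25
not a flow line
"""


def parse_flow(line):
    """Parse one flow record; return (src, dst, port) or None if malformed."""
    parts = line.split()
    if len(parts) != 3:
        return None
    try:
        return (ipaddress.ip_address(parts[0]),
                ipaddress.ip_address(parts[1]),
                int(parts[2]))
    except ValueError:
        return None


def port25_decision(src, dst, port):
    """Port 25 blocking: subscribers may send SMTP only to the ISP's relay."""
    if port != SMTP_PORT or src not in SUBSCRIBER_NET:
        return "allow"
    return "allow" if dst in ISP_MAIL_RELAYS else "block"


def suspected_zombies(flow_text, threshold=ZOMBIE_THRESHOLD):
    """Return {subscriber_ip: count} for hosts whose blocked SMTP attempts
    reached at least `threshold` distinct outside mail servers."""
    targets = defaultdict(set)
    for line in flow_text.splitlines():
        flow = parse_flow(line)
        if flow is None:
            continue  # skip malformed records instead of failing
        src, dst, port = flow
        if port25_decision(src, dst, port) == "block":
            targets[str(src)].add(str(dst))
    return {host: len(dsts) for host, dsts in targets.items()
            if len(dsts) >= threshold}


if __name__ == "__main__":
    for host, count in suspected_zombies(SAMPLE_FLOWS).items():
        print(f"{host}: direct SMTP attempts to {count} outside servers")
```

A single blocked attempt, such as a customer with a misconfigured mail client, stays below the threshold, while a host trying many outside mail servers is reported for follow-up.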
ISPs should monitor their networks more closely for anything suspicious. They should also be improving customer education and possibly even providing their customers with anti-virus, anti-spyware and firewall software for their own machines. If the ISPs were to provide customers with all the necessary software to protect themselves then there should no longer be any problems, as long as the customer uses the protection. Maybe the ISPs should state in their contracts with customers that they will provide the software and that, if the customer chooses not to use it or take other preventative measures, their internet connection will be cut off. If the ISPs were to do their part in helping to protect their customers, then naivety in people using the internet should not be an excuse in this day and age. There has been enough cyber crime and enough viruses, and they have been about long enough, that it is no longer excusable for people not to be protecting themselves while surfing the net. There are dangers in most things we do in life and we are expected to take preventative measures: if we go out for a walk we put shoes on to protect our feet, if we go out for a drive we put our seatbelt on, and if we surf the net we should also protect ourselves in advance. We are not allowed to drive a car on the road if it is not roadworthy, so maybe we should not be allowed to surf the net if our computer is not properly equipped. Although customers can be encouraged to keep their PCs clean with the threat of disconnection, the pressure should be on the ISPs to take more responsibility to tackle any threats coming through their network. With the amount of threats on the increase, ISPs should be taking a more hands-on approach, as the hands-off method has been proven not to work.
(1) Dmitri Alperovitch, research engineer at CipherTrust, a security vendor in Alpharetta
(news.cnet.com, 2010)
Case Study – North Lanarkshire Council
For our case study we chose North Lanarkshire Council. There were two reasons for this. The first is that they are a large organization with a huge computer infrastructure, which would allow us to speak to a qualified IT specialist and also an end user to get both views across. The second is that one of our team had previously worked there and was confident he would get the interviews arranged with the minimum of fuss.
North Lanarkshire Council is the fourth largest local authority in Scotland, employing over 18,000 staff and serving a population of 321,000 people, mainly in the following towns: Airdrie, Bellshill, Coatbridge, Cumbernauld, Kilsyth, Motherwell, Shotts, Wishaw and their surrounding districts.
The council is split into 5 key service areas:
Finance and Customer Services incorporating all finance and IT services (including housing benefits and rebates) as well as public access via first stop shops, customer contact centre and website.
Corporate Services which includes central support unit, human resources, legal services, design and property services.
Environmental Services including planning and development, roads and transportation and protective services amongst others.
Housing and Social Work services
Learning & Leisure Services which includes education and community education services.
The nature of this case study dictates that we concentrate on Finance and Customer Services, and in particular the government and development division, which includes the IT function within the council, and we will get a flavour of how it protects its end users from virus and phishing attacks.
The finance department has many functions, including council tax, purchasing and debtors, and housing benefits and rebates. As you can see, there is much personal and financial data to be protected within even this small selection of the council’s services. If we add in the data that social work also has to protect, then we can see the security has to be comprehensive.
We will now take a look at the interviews.
Interviews overview
We chose to contact North Lanarkshire Council to see if it was possible to interview 2 of their employees for the project. We decided to contact Alex Mitchell, Assistant Service Delivery Manager, as one of our team had already worked quite closely with him in the past when he worked for the North Lanarkshire Council IT Department. Alex agreed in principle and asked that we email him 2 sets of questions, one aimed at the end user and the other aimed at someone from the IT section who would be more aware of the security measures in place.
He duly replied and said that the head of IT Security, Kenny Yates, would be happy to meet for an interview, and also gave us the name of an end user, Lesley Bone, who was happy to answer the end user questions.
Due to adverse weather conditions it became very difficult to arrange the interviews and in the end Lesley emailed her answers to us and we carried out a telephone interview with Kenny. Happily, they were both fairly frank and gave a good indication of how the council deals with computer security and how it protects the end user.
As was said earlier, there were 2 sets of questions: some questions were asked of both people, while others would not have made sense to ask of the individual concerned, so they were tailored either to an end user or to the more technical side. The results were as follows.
Lesley showed that as an end user she had an awareness of threats and had security in place in the house, but she was very vague as to what to do if she was affected by one. It seemed apparent that, when given these questions, she realized that security is maybe something she should look into and give more thought to in general.
Kenny, on the other hand, gave us a great insight into how difficult a job it is to protect an organisation such as NLC. He showed that it was not just down to the council’s duty of care to its employees to protect them and the data they hold; there are also many legal requirements, some of which get audited, that have to be followed, and a failed audit can result in fines and removal from government secure networks.
He also said that awareness training is now taking place. This seemed to tie in with Lesley’s comment that she had received no specific training as such, but that a responsible use policy had been available for a long time.
The main issues for the council, as Kenny sees them, are the growth of remote and home working and users having more scope to use unauthorized equipment on council networks. He also said naivety is the main cause of infection in council equipment.
Finally, when asked what the main threats were, he said that spam and email type worm viruses are the main concern and social engineering techniques are getting more sophisticated, but the main threat could be lack of investment due to recent cutbacks, which could leave the council open to attack.
The full interviews can be read. See appendices.
Conclusion
We were asked to comment on and discuss the following statement: “It is up to end-users to protect themselves sufficiently from threats such as viruses and phishing – they are responsible, naivety is not an excuse.” Here is the conclusion our team has come up with.
Firstly, the user has a degree of responsibility. A home user especially must at least have the awareness that these threats exist, what they are and what they do, and must know and carry out the minimum steps to protect themselves by at least installing a full security suite on all PCs and making sure that anyone with internet access has the same awareness. They should also be wary as to who has access and should protect their computers and wireless devices with a secure password.
There is also a lot going on in the background that the end user is not aware of, and this is also helping to protect them from threats: working groups, the law and government acts, their banks and retailers, their Internet Service Provider and the security software writers. They are all working hard to minimize the effects of viruses and phishing.
In an organisation it is much different, and the end user has very little to do to protect themselves, as we saw in the interviews. That job is taken on by the IT department, and it is a very difficult job to protect an organisation. Due to legal obligations there has to be very tight security, especially in organisations like the one we looked at, North Lanarkshire Council. Surprisingly, the main source of protection turned out to be the amount of investment made in it and keeping up to date, as everything moves so fast in the IT world and organisations that don’t keep up will get caught out.
Finally, is naivety an excuse? The answer has to be a resounding no. It appears to be one of the main causes of infection and, more so, it is also the main tool of the people who write the viruses or use their social engineering tools in phishing attacks.
Bibliography
Alexey, K. (2010, 04 19). World: Computer virus traps over 2,000 tourists on Russian-Chinese border. Retrieved from rianovosti: http://en.rian.ru/world/20100419/158646482.html
allspammedup. (n.d.). allspammedup. Retrieved from allspammedup: http://www.allspammedup.com/2009/02/history-of-phishing/
antiviruswear.com. (2010). antivirus. Retrieved from antivirus: http://www.antivirusware.com/articles/history-computer-viruses.html
news.cnet.com. (2010). news.cnet.com. Retrieved from news.cnet.com: http://news.cnet.com/ISPs-versus-the-zombies/2100-7349_3-5793719.html#ixzz16FkK89Lv
Simson, G. (2002). Web Security, Privacy and Commerce. Cambridge: O’Reilly.
spamlaws.com. (2009). spamlaws. Retrieved from spamlaws: http://www.spamlaws.com/virus-comtypes.html
Stuart, M. (2009). Hacking Exposed 6. New York: McGraw.