Article Date: 1/1/2002

cybercare
Bugs Be Gone!
How to identify and ward off computer viruses in your practice.
By Richard Hom, O.D., F.A.A.O.

Computer viruses may not be deadly, but they can debilitate your practice. I've been hit with them, and I bet a bunch of you have too.

This month, I'll cover computer viruses and their companion programs, which I'll refer to as "rogue" programs, and how you can protect yourself against them.

ILLUSTRATION BY JOHN SCHREINER

The lowdown on computer viruses

A computer virus is a program or a segment of a computer code that, once launched, reproduces and attaches itself to another program. Usually the computer user isn't even aware that he's launched the virus. In fact, the virus will continually infect the computer each time the user turns on the computer until he applies an antidote.

Users can infect their computers by opening an e-mail attachment, downloading content from the Web, or using a floppy diskette that contains a virus.

Watch out for e-mail

E-mail viruses affect users of Microsoft Outlook as a mail client (or program) with a Post Office Protocol mail server or with the Microsoft Exchange Server.

Viruses, such as the "love letter," require the presence of a programming environment such as Microsoft Outlook. The virus usually executes only if the user opens the attachment or message that carries the virus. With Outlook 97 and later versions, the macro language can execute operating system commands that can, in worst cases, reformat your hard drive.

Your best defense: The best defense against an e-mail virus is to delete e-mail messages that have attachments from users whom you don't know or from whom you aren't expecting to receive an attachment.

The second best defense is to read all e-mail as text only. If you set up your e-mail to read messages as rich text or HTML, you're enabling Outlook or Microsoft Word to execute a potentially harmful macro or JavaScript.

Your second line of defense is to update your Outlook e-mail client to at least Outlook 98. You can configure this and later versions to scan your messages and attachments before reading and opening the message.

Disk-derived viruses

The most onerous floppy-derived virus is the boot-sector virus. It replaces the master boot record of your hard drive with an artificial version and replicates itself each time the computer starts up. A few master-boot viruses erase some or all of your hard drive. The less harmful, but still annoying, versions will display messages on your screen.

Your best defense: The best defense is to avoid starting up your computer with a floppy diskette in the "A" drive of your computer. Also, use an anti-virus program with up-to-date virus signatures. Make sure you scan a floppy diskette before you read from it. The anti-virus program will inoculate the diskette or alert you that a virus is present.

Rogue programs 101

Viruses aren't the only programs that damage your computer. You must also beware of rogue programs. The damage inflicted by rogue programs can extend from poor system performance (from worms) to outright destruction of the data on your computer. Knowing the mode of delivery of rogue programs is the key to defending yourself against them. A few to watch out for include the following:

Trojan Horses and logic bombs. These seemingly desirable and harmless computer programs perform hidden functions such as opening your computer to unauthorized users. They're desirable because they appear helpful. They could be described as a supposedly new security patch. Other, more notorious Trojan Horses are false upgrades to Internet Explorer, Black Orifice and NetBus (a game). Some Trojan Horses delete and transmit files or install other programs.

You may find false upgrades advertised on a Web page in which the author seems innocent. They can also come attached to an e-mail message. They're not detectable with the usual anti-virus programs because they don't change in size and aren't time-stamped as viruses are.

A logic bomb is a dormant program on your computer that launches itself on a certain date or time or after you execute a certain program a designated number of times. This happens when there's a code inside a seemingly innocent program. It will change a small part of data that's barely noticeable or corrupt the whole data file. Anti-virus programs can't detect logic bombs because every time you activate the virus, it, in turn, changes the code.

Your best defense: Questioning the source of downloadable programs can defeat Trojan Horses and logic bombs. And, don't download a program to a network file server to execute. First download it to your own workstation and test it. Putting it on the network file server allows a Trojan Horse or logic bomb to infect every workstation attached to the network. Always remember to back up your files or simply avoid questionable programs to prevent damage from Trojan Horses and logic bombs.

Worms. A worm is the most insidious of rogue programs. Self-replicating, it can reproduce or propagate without any action from the computer user. It spreads from local-area and wide-area networks, not from a floppy diskette. It can attack thousands of computers in a few seconds by sending itself out and looking for security "holes" in other programs. Security holes allow a worm to infect other computers.

Your best defense: Defending against a worm is a bit more difficult than the other types of bugs. You can transport a worm just by reading a Web page in an e-mail message while using Internet Explorer as the Web browser. The best defense is to use the latest version of Internet Explorer with the latest maintenance patch (a fix for a particular problem). Or use an e-mail client such as Eudora that has its own Web-rendering engine, which is a component of a browser.

Take proactive measures

Viruses and rogue programs create headaches and can result in costly computer repair bills. Awareness of the threat, common sense and an up-to-date anti-virus program are your best defenses. Next month, I'll tell you how to protect your computer against unauthorized access.

DR. HOM HAS A RICH BACKGROUND IN E-COMMERCE. HE CURRENTLY PRACTICES PART TIME IN SAN FRANCISCO, EXCLUSIVELY CARING FOR COMPLICATED CONTACT LENS PATIENTS. HE'S ALSO A PARTNER AND BUSINESS DEVELOPMENT MANAGER FOR NETWORK APPLIANCE IN SUNNYVALE, CALIF.

 


Optometric Management, Issue: January 2002