Overcome The Occurrence Of Computer Viruses Assignment
Question
Task:
Select a topic from the topic list at the end of this document. Research your topic and write a report analyzing the technical, social, legal aspects. For each topic your report will need to identify problems (or crimes) that may occur then recommend actions that can be taken to prevent the problem from occurring, identify the problem has occurred, what steps can be taken to remedy the problem, and what actions can be taken towards the perpetrators of the problem. Reference original laws (e.g. common law) or court cases. Provide all references (Journals, web links, etc). Where possible, identify all laws applicable in each region (Australian-Pacific, Europe, America, and Asia).
Your final report must include the following:
• Assignment Cover Page: (Use the cover sheet provided. Include the Title,
• Assignment number, Student Names and IDs, Subject)
• Title page (Name of report who it is prepared for, and authors)
• Executive summary (1 paragraph)
• Table of contents
• Body (Numerous headings and texts needed for the paper. Use the marking criteria and topic questions to help identify these headings)
• Conclusion
• References/ Bibliography (must be in Harvard style)
Report Each student is assigned a topic. The written report must describe the topic; comment on its impact on ICT and society; and, where appropriate, identify relevant laws; actions to fit the issues; and discuss preventative measures. Students will present their report to the class. (2500 words)
Topic: Virus/Worms
– What is it (Define))?
-types of viruses and features
- Classic Cases
- Legal Implication?
-Detect, Prevention? Prosecution?
-- Explain the technical implementation – how to overcome it.
- What can companies do to mitigate the risk from viruses?
- What are governments doing to mitigate the risk from viruses?
- Do the current Australian laws provide adequate protection, which laws apply?
Answer
Executive Summary
The present report on computer viruses assignment discusses the concerns relating to computer viruses and the ways to overcome the occurrence of computer viruses. The evolution of computer viruses dates back almost 17 years in various forms such as worms, Trojan horses, logical bombs and so on. The basic motive behind such attach is to disrupt the functioning of the user’s system by way of data destruction, data manipulation, data restriction etc. The impact of virus occurrence have had been quite significant in the past years which could almost have affected the entire world’s economy. However, it is also clear on this computer viruses assignment that unlike other cyber-crimes the legislative structure of the government in the context of cyber-crimes related to viruses has not been so strong to reduce its incidences and their impacts. As the cyberspace has no geographical boundaries, it becomes difficult to trace out the virus origination country and since it flies from one to another country its prosecution becomes really a difficult task for the cyber laws regulators.
What is Virus?
It is a malicious code or program which is executed itself by way of modifying the other programs of computer or mobile devices and also by inserting its code. Once it is executed successfully on its own it multiplies by replicating itself from one file or program to another with the intension of disrupting the existing files or software programs (Comodo, 2019). The purpose of virus stated in the computer viruses assignment is to affect the functioning of systems or to gain access to sensitive information available therein.
Types of viruses and their features
Viruses come in different form from different sources to impact the data or files or the entire system in different ways. There are various types of viruses out of which some of the common types are mentioned below within this computer viruses assignment:
- Boot Sector Virus: It infects the master boot of the system. It is highly complex in nature as it cannot be easily removed and it often requires the formatting of complete system. Primarily it spreads through devices of removable nature.
- Direct Action Virus: Also known as Non-Resident Virus and it either is installed in the computer’s memory or stays hidden over there. It is generally attached to a particular file or program and thus not affecting the overall system functioning.
- Resident Virus: Such viruses are difficult to identify and remove as they get installed on the system.
- Multipartite Virus: These viruses have multiple ways to get spread and they affect boot sector as well as the executable files contained on the systems.
- Polymorphic Virus: Such viruses are not easily identifiable using the conventional anti-virus programs as they always change their signature pattern while replicating further in the system.
- Overwrite Virus: This virus type examined in the computer viruses assignment causes deletion of the files infected by it. The only alternative to remove the virus from the system is to delete all the files that are infected which amounts to significant loss of data content. Identification of such type of virus is complex as it generally spreads through mails.
- Space-filler Virus: Also known as cavity viruses because it tends to fill up the spaces between the codes and therefore it does not amount to any file or content damage (Comodo, 2019).
Also, it is to be noted that computer viruses have different forms and it includes worms and Trojan horses. Worms have the tendency to replicate themselves after infecting the system and it continues to replicate until the system operations are put in standstill form. Trojan horses allow users remote access of those systems that are infected. The access is provided over the internet wherein there is no knowledge of the victim. Once the malicious program is installed over the system, all the files and passwords (Ling, 2014)
Classic cases of viruses
As per the research on computer viruses assignment, in the history there are large numbers of cases reported in Australia related to Viruses causing cyber-crimes. Viruses like WannaCry, NotPetya, Melissa, Lovebug are world’s most widespread viruses and were most destructive across the globe. Massive systems from around the world had to shut down due to such viruses. It included the international airport systems, National Health Service System of UK, various multinational businesses like Maersk. The cyber-attacks in the form of Viruses in the last few years have even affected multibillion-dollar companies. Few of the classic cases are being discussed below within this computer viruses assignment:
WannaCry: It was a ransomware worm which was spread rapidly causing cyber-attack across the world in 2017. It infected windows computers by encrypting the files on hard drive of the computer. The main agenda of WannaCry virus was to restrict the access to the personal computers of the users and demanding the ransom payment in return of providing them back with the access to their systems. The virus affected around millions of system users in around 150 countries. The virus after entering the systems of the users had shown some message demanding ramsom amounting $ 300 as Bitcoin Currency to enable the users to re-access the files (Fruhlinger, 2018).
Petya: Petya and NotPetya outlined herein computer viruses assignment are pieces of malware which affected large number of computer systems across the world in 2016 and 2017. Petya was a ransomware that attacked the systems and encrypted some of the important data. Petya entered the computer systems of the users through an e-mail containing a resume of job applicant.
Melissa Virus: It was written by David Smith in 1999 and was started as an infected word document file which was posted on alt.sex usenet group and claimed that it has a long list of passwords for pornographic sites. The said virus had reported caused a damage of $ 80 million dollar. When the virus author was caught it had to pay a fine of $5000 for his 10 year sentence and also served around 20 months sentencing (Jamalludin, 2019).
ILOVEYOU: this class noted in this section of computer viruses assignment is considered as the most devastating virus in the history as it had caused a damage of $ 10 billion worth. Almost 10% of the total computer systems of the world were infected due to it. It created a mail attachment with the name of love confession and used social engineering to encourage people downloading it and once downloaded it automatically started overwriting the files of the users (Jamalludin, 2019).
Legal Implication of Computer Viruses:
The rapidly increasing dependency on computer systems requires strong enforcement laws against cyber-crimes. The existing framework of criminal law considered in this computer viruses assignment has not given adequate consideration to the computed related crimes. Virus Attack is one of the most common types of cyber-crime that has obtained widespread media coverage in the recent times.
A virus attack on the computer systems usually involves a cyber-crime wherein the attacker has pure intent of causing some damages to the computer users through multiple ways such as creation of a destructive program or distribution of any malware program. The legislation that is generally applicable to most of the computer virus related crimes is just cybercrime legislation. Evidently, legal implications of computer viruses are not defined in a well manner and the laws regarding to such computer viruses varies from state to state and country to country. In various countries the act of writing of virus is not considered as an offence at all but in various other countries even sharing of the virus codes among anti-virus researchers could be considered as an offence. Although there are existing laws and legislations against the computer viruses but still the legislative systems and practices are yet to be improved to a significant extent. It is noted in the present context of computer viruses assignment that cyber-crime is a serious concern as it defies all the geographical borders or boundaries. Hence, the rules and laws in this context must also be boundary less. Though majority of the jurisdictions have laws and legislations in place for the activities like hacking but there are only fewer criminal offence provisions given in the legislations dealing with circulation of computer viruses.
Detect, Prevention & Prosecution of Computer viruses:
In order to protect the systems from the attacks of virus as mentioned in this segment of computer viruses assignment it is important to detect the entry of virus in real time so that preventive measures could be taken on time to avoid the actual damage of such virus execution (Shah & Zaman, 2010). An intrusion detection and prevention system shall be put in place on the company’s network to identify if the company is under any attack, what is the source of attack, what IP is the attacker’s target if the company (Parish & Goostree, McAfee 2013). The IDS helps in checking the traffic flow on the network in real time and thereby detecting the fraud on time. However, it is not practically possible to trace out each and every error in real time so preventive measures must be adopted by the companies to prevent the virus that has remained undetected at the initial stage. In order to prevent the viruses from entering into systems it is important to use the firewall systems which will restrict the access to the network of the computer users to which such system is implemented. The firewall acts as the door which cannot be passed by the unauthorized entities. Thus, it helps in preventing the virus that has come to enter the system. The intrusion prevention system will prevent the virus infected system to get connected to the systems that have not been infected from such viruses. Despite the fact outlined in this computer viruses assignment there has been wide proliferation of viruses, few of them have led to enough damage that warranting prosecution is not enough (Ling, 2014). Different nations have different laws regarding the prosecution in cases of viruses. Some involves large sentencing period and other involves higher monetary fines and some involves both depending on the severity of the attack. However, as cyberspace has no geographical boundaries it is important for the countries across the world to learn the ways to prosecute the virus authors on the foreign land (Cesare, 2001). Therefore, it is important to come up with an international solution to make the prosecution of virus authors a successful practice as it is really difficult to identify the original soil of the author and it keeps on passing from one country to another.
Technical implementation of virus and ways to overcome it
The information developed in the computer viruses assignment signifies that the successful execution of virus in any system has the potential to cause severe data issues for the system user as the virus might either manipulate or steal the important data or files that supports the functioning the systems. A virus generally operates in 2 ways. It either starts replicating itself as soon as it is executed in a system or it starts functioning once the trigger is pressed (Comodo, 2019). The execution of virus could be overcome if there is a restriction on suspicious websites and downloading of risky e-mail attachments, anti-spywares put in place, updated operating systems and programs, prescreening of mail attachments and so on (Eze & Chukwunonso, 2018).
What are the ways to mitigate the risk from viruses at companies level in the context of computer viruses assignment?
In the corporate sectors use of multiple computer systems is made. These systems are internet connected to each other through some virtual private network and hence are more prone to cyber-attacks. Once a virus enters into one system it becomes easy to replicate itself in all the systems in the network. In the today’s world were business have accepted the concept of digitization due to the advancement developments in the areas of internet technology, all the business data is taken to the online platform. Hence, due to online presence of data it is nowadays more exposed to various crimes such as data loss, data restriction, data encryption, data alteration due to increasing number of cyber-crimes in the form of viruses like malware programs or unethical hackers. The viruses examined in the computer viruses assignment have the tendency of infecting all the systems in the loop hence they must be prevented by the companies to execute themselves. There could be numerous ways that could help companies to mitigate the risk of viruses. Following are some of those ways presented in the computer viruses assignment:
Allowing only authorized devices in the local network: It is important to keep in the network on those devices that are authorized by the IT department of the company and if any device (employees personal laptops, USBs, mobile phones) from outside the network is connected to the network then companies must ensure that such device is free from any virus or malware function before allowing its connection (Ben, 2017).
Regular Anti Virus Updates: New virus in the computer systems can be created any time. Therefore, the companies must have in place an authenticated anti-virus software program which is updated on regular basis for any upgraded versions. The anti-virus programs will keep on removing the viruses that are created in the systems every day. A specific time shall be fixed by the companies to run its anti-virus programs on regular days and such time shall be fixed after the working hours of the employees gets over so as to avoid any system disturbances (Rudd, Rozsa, Günther & Boult, 2016).
Use of closed network: The information provided in the computer viruses assignment illustrates that if the company uses any Wi-Fi connection to allow its employees to remain in the network for sharing files and data then it must ensure that there is a closed network which is supported by strong password that is required to use the connection. Use of WPA or WPA2 encryption shall be made by the companies in order to allow access to their Wi-Fi network. Also, the SSID (username of the connection) shall be kept confidential so that no unauthorized entity could gain access to the network.
E-mail attachment Filtering: Companies must only allow the download of only certain specific file extensions. The rest of extensions must be restricted by way of filters. Email accounts may also receive threats and such threats could be stopped by deploying DMARC that is designed to stop the email threats. The software detects the malware threats in the systems in real time thereby helping the companies in taking preventive actions on time (Cert, 2005).
Updated Operating Systems and Internet Browsers: It is noted herein computer viruses assignment that companies must keep all the operating system and internet browsers updated so that these systems can provide any critical update for the information security. Also, the employees of the company must be made aware of requirements of keeping their systems updated for the security purposes.
Data Back-ups: This is the most important aspect of mitigation of risk of destruction caused due to computer viruses. The companies must keep the back up of all the necessary and important data at a secured storage so that a copy of lost data could be recovered quickly in case of virus occurrence in the systems without hampering the overall functioning mentioned in the computer viruses assignment.
Governmental actions to mitigate the risk from viruses
To mitigate the risk of computer viruses, government of all the countries across the globe are taking various actions. Various laws and legislations have been formed in order to enforce legal actions against the virus creators and distributors. With increasing cases of virus related cyber crimes the economies of almost all the nations have to suffer economic losses which are necessary to be stopped through strict actions again such cyber attackers. Government at various jurisdictions has allowed the law regulators to put in place stringent laws to deal with cyber virus attacks. Government has put harsher penalties and prosecution against the criminals. Numerous efforts have been made by both state and national legislatures in order to evolve with the evolving technological advancements (Colombell, 2002).
Adequacy of Australian Laws to Protect the economy from Virus
Although the jurisdictions of UK and US have comprehensive legislations for computer crimes since at-least a decade but Australia has still remained slow to realize the vulnerabilities of cyber crimes (Colombell, 2002). Though there is no uniformity in offences related to computer in Australia still the creation and distribution of computer viruses could be provisioned under Commonwealth as well as state legislation (Kroczynski, 2007). The provisions relating to gaining unauthorized access to that data of other person with the intention of damaging it as given in commonwealth legislation have the potential to cover the cases related to deliberate creation and distribution of virus through e-mails or other sources over internet (Pynt Partners. 2018). Section 310 of Crimes Act, 1900 follows that a person who either destroys, deletes or alters the data or interferes, interrupts or obstruct the legal use of computer systems with an intention and legal authority shall be imprisoned for 10 years or shall be liable to pay a fine amounting 1000 penalty units or both (Ling, 2014). The said provision provided in the computer viruses assignment is the only law in Australia that is applicable to an instance wherein a person deliberately creates or distributes a virus in the computer systems.
Conclusion
It can be concluded from the entire report on computer viruses assignment that in today’s modern world were technology has advanced itself to a great extent, the majority companies have taken their business to the online platforms which are more vulnerable to risk of cyber-attacks as the attackers have been always successful in finding out the loopholes in the technology and causes huge damages. Computer virus has been one of the most common cyber-attack in the history as a series of virus attacks all across the world has caused the global economy huge losses in monetary as well as non-monetary terms.
References
Ben, W. 2017. Best Ways to Mitigate Computer Risks and Infections. Available at: https://vocal.media/01/best-ways-to-mitigate-computer-risks-and-infections Accessed on: 24.04.2020
CERT, U., 2005. Malware Threats and Mitigation Strategies. Multi-State Information Sharing and Analysis Center and US Computer Readiness Team. Computer viruses assignment Available at https://www.us-cert.gov/sites/default/files/publications/malware-threats-mitigation.pdf Accessed on: 24.04.2020
Cesare, K., 2001. Prosecuting computer virus authors: The need for an adequate and immediate international solution. Transnat'l Law., 14, p.135.
Colombell, M.R., 2002. The legislative response to the evolution of computer viruses. Richmond Journal of Law & Technology, 8(3), p.18.
Comodo, 2019. What is a Computer Virus and its Types. Available at: https://antivirus.comodo.com/blog/computer-safety/what-is-virus-and-its-definition/
Eze, A.O. and Chukwunonso, C., 2018. Malware analysis and mitigation in information preservation. IOSR Journal of Computer Engineering, 20(4), pp.53-62.
Fruhlinger, J. 2018. What is WannaCry ransomware, how does it infect, and who was responsible? Available at: https://www.csoonline.com/article/3227906/what-is-wannacry-ransomware-how-does-it-infect-and-who-was-responsible.html Accessed on: 24.04.2020
Jamalludin, A. 2019. 10 Deadliest Computer Viruses of All Time. Available at: https://www.hongkiat.com/blog/famous-malicious-computer-viruses/ Accessed on: 24.04.2020
Kroczynski, R.J., 2007. Are the current computer crime laws sufficient or should the writing of virus code be prohibited. Fordham Intell. Prop. Media & Ent. LJ, 18, p.817.
Ling, P. 2014. Is Australian Criminal Law up to the threat of computer viruses? Available at: http://classic.austlii.edu.au/au/journals/ANZCompuLawJl/2000/14.pdf computer viruses assignment Accessed on: 24.04.2020
Parish, S. and Goostree, P., McAfee LLC, 2013. System and method for tracking computer viruses. U.S. Patent 8,387,146.
Pynt Partners. 2018. Regulation of Hi-Tech Crimes Under Australian law. Available at: https://www.pyntpartners.com.au/regulation-of-hi-tech-crimes-under-australian-law.html Accessed on: 24.04.2020
Rudd, E.M., Rozsa, A., Günther, M. and Boult, T.E., 2016. A survey of stealth malware attacks, mitigation measures, and steps toward autonomous open world solutions. IEEE Communications Surveys & Tutorials, 19(2), pp.1145-1172.
Shah, D. and Zaman, T., 2010, June. Detecting sources of computer viruses in networks: theory and experiment. Computer viruses assignment In Proceedings of the ACM SIGMETRICS international conference on Measurement and modeling of computer systems (pp. 203-214).