You probably know that it’s important to protect your computer from viruses.
But many people don’t know exactly what viruses are — or what risks they can actually pose to their victims.
Let’s break computer viruses down to their basic parts, learn how to tell when they’ve infected your devices, and find out just how much damage they can do.
What Is a Virus?
Many people use the term “virus” to refer to any malicious software or malware.
But viruses are actually a subtype of malware that requires user action to replicate themselves, such as running a malicious program that would otherwise lie dormant.
Viruses are sometimes used interchangeably with worms.
Computer worms are stand-alone programs that self-replicate. Viruses require user interaction.
The distinction lies in how they’re activated — and how they spread from machine to machine.
How Viruses Work
The computer virus’s namesake, the biological virus, provides a great analogy for how it works.
When you’re infected with a virus, you typically develop symptoms like coughing and sneezing, expelling various bodily fluids that contain the virus.
But if you don’t cough out saliva or blow your nose messily around others, the virus can’t spread. It requires you to “activate” its spread by getting it out of your body and close to another person so it can begin its process anew.
Computer viruses work the same way. You need to get close enough to an infection to become infected yourself.
Stay One Step Ahead of Cyber Threats
Catching a Virus
Unlike other types of malware that can spread automatically with no action whatsoever from the user, viruses require a host program and at least a little user input to spread and execute.
First, the viral file or program needs to get to your computer, requiring you to initiate the infection. This could be anything from opening a malicious email attachment to plugging in a USB drive that contains the virus.
Other attack vectors include pirated files, sketchy ads on web pages, and downloads from compromised sites.
Viruses are sometimes prepackaged with their host program, often a legitimate program that’s been compromised by hackers. But they can also use your preexisting apps as host programs, appearing on the surface as document files, images, plugins, or add-ons.
Dormancy and Activation
Once the virus has found its way onto your computer, it can begin its siege — though it doesn’t always do so right away.
The virus’s host program needs to be running for the virus to work. Some, like boot-sector viruses, run automatically in the background, but others require you to manually start the program, potentially delaying the onset of symptoms.
And just as biological viruses can lay dormant for days, weeks, or even years, so too can computer viruses.
To reduce detection, some viruses may not start working until you perform a specific action, such as rebooting your computer a certain number of times or using a particular feature in an infected program. Some will only activate once a set period of time has elapsed, making it harder to trace their origins.
Propagation and Attack
Different viruses do different things, but they share one common feature: self-replication.
The virus hijacks your system’s resources as it replicates itself into other files and programs on your device. This may involve attaching bits of itself to preexisting files or overwriting them entirely.
It may even produce copies of itself that differ slightly from the original, helping it avoid detection by antivirus programs.
Depending on the virus, this process may be slow and subtle enough that you don’t even notice it. But it could also make your computer extremely slow as the replicating virus consumes all of your available memory and CPU power.
And if the virus happens to corrupt or overwrites essential system or program files, you may find that some apps — or even basic system functions — crash and become unusable.
As if the resource consumption and file damage weren’t enough, many viruses go even further in their destruction.
They may log your keystrokes, transmitting everything you type — including credit card numbers and passwords — back to their creators. Some scour your computer for sensitive files and steal those, while others bombard you with ads that earn the attacker money if accidentally clicked.
The most sinister viruses can get downright horrific, encrypting your files and threatening to delete them permanently unless you pay the attacker a large sum of money. Some finish their job by corrupting your system so badly that your computer becomes permanently unbootable.
Transmission and Removal
Once you’ve been infected with a virus, it may use you to help it spread to other people.
Some viruses find their way into your address book or email app then email themselves to all of your contacts. This makes the email appear as if it’s coming from you, making your contacts more willing to open it — and subsequently, catch the virus themselves.
Others seek out removable media such as CDs, USB drives, SD cards, or mobile devices and then propagate themselves onto them. Any other computer you plug that media into will then become infected as well.
Networks, especially high-traffic ones like public hotspots, school WiFi, or office intranets, also present a huge playground for viruses: a wide variety of connected machines, all easy to spread to and ripe for infection.
Luckily, antivirus software can often detect incoming viruses and block them before they take hold, reducing the likelihood of transmission.
But it’s much harder for these programs to remove viruses once an infection has occurred. Because viruses spread throughout the device, it’s difficult for the antivirus software to track down every instance of it — and it only takes one remaining for the infection to reoccur.
Key Virus Takeaways
- A virus is a type of malware that requires a host program and user action, such as running the program, in order to activate.
- Viruses primarily spread through infected downloads, especially email attachments and compromised apps, but can also spread through removable drives and networks.
- Viruses replicate themselves by attaching to or overwriting files on your computer, stealing system resources and causing errors or crashes as they spread.
- The end goal of a virus may be to steal personal information, inundate you with ads, hold your computer for ransom, or use your contacts list to find new victims.
History of Viruses
The computer virus was first conceptualized in 1949 by computer scientist John von Neumann. Von Neumann designed a program that could self-replicate, a groundbreaking invention that earned him the title of “the father of computer virology.”
His theory was first put into practice in 1971 with Creeper, an experimental virus designed to show how programs could copy themselves to other computers. A year later, one of Creeper’s creators produced the first antivirus software, Reaper, which automatically deleted any Creeper instances it detected.
But the first virus to reach the public was the Elk Cloner, created in 1981 by high schooler Richard Skrenta. Elk Cloner spread by copying itself to any floppy disk not already infected, disguising itself as a functional game for the Apple DOS 3.3 OS.
The 50th time the game was started, it was replaced by a blank screen containing a short poem Skrenta wrote about the Elk Cloner.
But it wasn’t until 1984 that computer viruses got their official definition: “a program that can ‘infect’ other programs by modifying them to include a possibly evolved copy of itself.”
For the most part, viruses were relatively unharmful novelties until the 1990s, when the internet began taking off. A world of connected computers inspired many nefarious uses for viruses, and the term soon became synonymous with any harmful software.
Viruses by the Numbers
- 57% of all malware infections are caused by viruses
- On average, over 8 million US households per year are affected by serious virus problems
- There are almost 1 billion different pieces of malware, including viruses, and around 100,000 new ones are discovered every year
- 77% of people use antivirus software on their computers — but only 24% use it on their smartphones
The Shamoon Virus
In 2012, Saudi Aramco, one of the world’s largest oil companies, was hit by a devastating cyberattack.
The attack came in the form of the Shamoon virus, which initially found its way into company networks via a phishing email. From there, it spread throughout the network, stealing passwords and confidential files before erasing them and overwriting the entire operating system.
Shamoon overwrote 30,000 company computers in just a few hours, severely affecting business operations and the region’s gas supply. It took nearly 3 weeks for the company to resume normal functioning, causing some cyberwarfare specialists to call it the “biggest hack in history.”
The Locky Virus
One of the most destructive ransomware viruses in history, Locky first appeared in 2016 in the form of a Word document claiming to be an unpaid invoice.
When users open the document, they’re presented with gibberish and an instruction to enable macros — small user-created programs within Word itself. If they do so, the Locky virus begins to run, encrypting various files and demanding a Bitcoin ransom in order to unlock them.
Millions of users were affected by Locky, including hospitals and schools, with many of them paying the ransom out of fear of losing their files. It’s unknown just how much ransom has been paid, though some victims report having paid upwards of $15,000 to retrieve their files.
1. Can I get a virus from simply opening an email?
No, simply opening an email won’t usually spread a virus. However, clicking on a link within the email or opening an attachment can activate a virus.
2. How can I protect my device from a Boot Sector Virus?
Ensure your system is always updated, use trusted antivirus software, and avoid using unknown external storage devices.
3. Can a Browser Hijacker steal my personal information?
Yes, some forms of Browser Hijackers can track your online activities, potentially gaining access to your personal information.
4. How can I know if my computer has been infected with a virus?
Typical signs of a virus-infected computer may include slower-than-usual performance, unexpected pop-ups, programs starting automatically, or frequent computer crashes.
5. What should I do if I suspect my computer is infected?
Run a thorough scan with your antivirus software. If a virus is detected, follow the recommended steps to remove it. If your computer performance doesn’t improve, consider consulting a professional.
What is a Computer Virus (Video)
"Amateurs hack systems, professionals hack people."
-- Bruce Schneier, a renown computer security professional