Understanding basic virus behavior and terminology is critical for successfully defending your organization against these pesky and sometimes harmful bits of code. So to find out how much our members already know about computer viruses and help them improve their knowledge of virus basics, we've conducted a quick virus pop quiz. How well do our members know their enemies? Let's find out.
Viruses, Trojans, and worms…oh my!
The correct answer to the first question: Trojan horse. As you can see from Figure A, 72 percent of our quiz takers got it right. Although end users often refer to any malicious code as a "virus," the IT world divides such programming into separate groups: viruses, worms, Trojan horses, and logic bombs.
- Viruses are bits of malicious code that hide within executable applications, executable macros (such as those used by Microsoft Word), or a disk's boot sector. When the infected application, file, or disk is run, opened, or accessed, the virus attempts to replicate itself. Viruses may or may not destroy data.
- Worms are self-replicating programs that do not require a host file. According to a News.com article by Robert Lemos, John Shoch and Jon Hupp of the Xerox Palo Alto Research Center first coined the term "worm" in a 1982 paper. The term worm was derived from "The Shockwave Rider," a 1972 science-fiction novel. Shoch and Hupp wanted to automate the installation of Ethernet performance measuring tools on computers at Xerox, so they used a program that could send and install itself across the network. Unfortunately, the pair's program developed a bug that caused the program and the computer to crash.
- Trojan horses (or Trojans) are malicious programs that disguise themselves as harmless applications. Trojans do not replicate themselves; instead, they rely on users to spread.
- Logic bombs are malicious programs that lie dormant on a computer until a specific date and time when the program will automatically run. When the program does run, it may do anything from spreading a virus to destroying data.
Boot sectors make perfect hiding places
The correct answer is: True and again a high percentage of those who took the quiz—83 percent—knew the answer, as shown in Figure B. Boot sector viruses can infect the boot record on floppy disks, hard disks, and even disks that contain only data. When a user attempts to start a computer with an infected disk, the virus is activated.
We have worm sign
The correct answer is: VBS, and again, 83 percent of our quiz takers got this one correct, as shown in Figure C. Visual Basic Script (VBS) is a programming language that can be used to invoke many system functions, such as starting and stopping applications. VBS files are given the VBS extension. VBS worm files often have this extension following an initial file extension; for example: AnnaKournikova.jpg.vbs.
No safe haven for IM users
The correct answer is: False, and an overwhelming 95 percent got this one right. Because many instant messaging (IM) applications allow users to transfer files, IM programs can propagate viruses much in the same manner as e-mail programs. Check out these TechRepublic articles and columns for more information on IM viruses:
- "Recovering from the MsgSprd instant messaging worm"
- "Instant messaging--better safe than sorry"
- "Instant messaging: The next hacker target"
I dub thee "computer virus"
The correct answer is: Fred Cohen, but only 37 percent of our quiz takers knew that this was right, as shown in Figure E. What surprised me more than anything about the response to this question was the fact that 35 percent of those who took the quiz picked me as the correct answer. I'm not sure whether I should be flattered by this outpouring of support, or distressed that so many individuals don't realize that I'm the author of the column.
In the 1980s Dr. Fred Cohen did groundbreaking practical and theoretical research into viral-type computer programs while attending the University of Southern California, and first presented a paper on his concept to an information security class in 1983. Len Adleman, an advisor of Cohen, is reported to have associated the term "virus" to Cohen's concept. In 1986 Cohen presented his concept as part of a doctoral dissertation, defining a computer virus as "a program that can 'infect' other programs by modifying them to include a possibly evolved version of itself."
Overall, an A+
I'm glad to say that these are some of the best results from any of Support Republic's Pop Quizzes. Because security is such an important aspect of IT support I'm comforted that at least 70 percent of those who took the quiz answered questions 1 through 4 correctly. As I've mentioned in my previous pop quiz results articles, you get the TechPoints for just taking the quiz, not for getting all the answers correct. Good luck on our next pop quiz.
You be the teacher
If you have a topic you'd like us to cover in an upcoming pop quiz we want to hear about it. Post a comment to this article or drop us a line and share your suggestions for both quiz topics and questions.
Bill Detwiler has nothing to disclose. He doesn't hold investments in the technology companies he covers.
Bill Detwiler is Managing Editor of TechRepublic and Tech Pro Research and the host of Cracking Open, CNET and TechRepublic's popular online show. Prior to joining TechRepublic in 2000, Bill was an IT manager, database administrator, and desktop support specialist in the social research and energy industries. He has bachelor's and master's degrees from the University of Louisville, where he has also lectured on computer crime and crime prevention.