The goal of the Computer Security 101 series is to provide an introduction into the basic technology and the terminology and acronyms associated with computers and networks. Armed with an understanding of these things users will be better prepared to defend against existing or potential threats to their computer and network security.
Within the space of a single introductory article it is impossible to cover every aspect of the virus / antivirus topic. I will attempt to provide as much knowledge as I can without overwhelming you. For those of you who would like more in-depth information and detail about how viruses or antivirus works I suggest taking a look at the links at the right of this article.
To begin with we should introduce some terms common to antivirus issues and clarify the distinctions between each of them. The first and primary term is Virus. A virus is malicious code that replicates itself. New viruses are discovered daily. Some exist simply to replicate themselves. Others can do serious damage such as erasing files or even rendering the computer itself inoperable.
A Worm is similar to a virus. They replicate themselves like viruses, but do not alter files like viruses do. The main difference is that worms reside in memory and usually remain unnoticed until the rate of replication reduces system resources to the point that it becomes noticeable.
A Trojan (or Trojan horse) is called such as a reference to the story of the Trojan horse from Greek legend. It is a malicious program disguised as a normal application. Trojan horse programs do not replicate themselves like a virus, but they can be propagated as attachments to a virus.
The term Backdoor is used to describe a secret or undocumented means of getting into a computer system. Many programs have backdoors placed by the programmer to allow them to gain access to troubleshoot or change the program. Some backdoors are placed by hackers once they gain access to allow themselves an easier way in next time or in case their original entrance is discovered.
Malicious code is a catch-all term used to refer to various types of software that can cause problems or damage your computer. The more common classes of programs referred to as malicious code are the previously mentioned viruses, worms, Trojan horses, macro viruses, and backdoors. But, malicious code can also be used as a general term to refer to other malicious or destructive programs not covered by those definitions.
A biological virus spreads from host to host by replicating. In other words, the virus attaches itself to a healthy cell and more or less hijacks the cell. Once it has taken control of the cell it begins to replicate itself- creating more and more copies of the virus which in turn will create more copies of the virus. Eventually, through a sneeze, a cough or a handshake, the infected cells make their way to new hosts and begin the process again.
Computer viruses were named such because of their similarities to the biological virus process. A virus program will attach itself to good or healthy files on the computer system and proceed to spread and infect other files on the system. Eventually, through email, open ports or network shares, the infected files make their way to new hosts and begin the process again.
Computer Security 101: Lesson 6