While the first computer viruses may have been non-malicious, existing simply to demonstrate the abilities of the programmer (if it’s making unauthorised changes to a system, it’s a virus), these annoying snippets of the code writer’s brilliance very quickly developed into more malicious types of virus, as the writers of this software realised they could make money through a number of different mechanisms.
The methods of monetising viruses range from simply stealing processing power, to spam emails (for advertising, further spreading of viruses and the spreading of political views etc.) through to potentially destroying vital data and the subsequent blackmail demands that follow.
There’s a huge range of techniques for spreading viruses, which again evolved as technologies advanced and programming techniques developed for infecting, replicating and hiding the viruses.
The main ‘vectors’ of infection and attack can broadly be classified as bugs or vulnerabilities, and social engineering or bad security practices (either application code, system, or network). Replication methods vary from self-replicating viruses, which endeavour to create copies of themselves to infect further machines, through to simple methods which rely on interaction with users (browsing a website, downloading and running a file).
Because there’s such a wide range of aims and techniques used for attacking systems and seeking out vulnerable data ripe for exploitation, there has to be a wide range of methodologies for preventing them and securing the data.
These range from actively looking for and blocking specific code as it arrives or is separated prior to execution (e.g. Anti-Virus, Host IPS, Network IPS, Next Generation Firewalls, Web Proxies, Email Gateways) through to specifically allowing certain code (Application Control, File Integrity Monitoring). For protecting data, there’s a whole different range of technologies: Device Control, Disk Encryption, File & Folder Encryption, SSL, Encryption, IPSec, DLP. The list goes on and on. It’s a cat-and-mouse game, as new techniques of attack are developed and new methods of protection are created to mitigate, quarantine, de-risk or block.