Over The Horizon

Macro Virus Threat

Although memory-resident virus scanning software has reduced the risk of many types of computer virus in recent years, the last two years have seen an exponential increase in the number of macro viruses.

Macro viruses differ from more traditional viruses in that they attach themselves to Microsoft Word and Excel document files and can make their way into a computer system as infected e-mail attachments. This ability, together with the recent increasing use of the Internet, may partly explain their dramatic increase in numbers.

Previously viruses have not been able to jump computer platforms because, like application software, viruses were machine-specific. Macro viruses however, can be transported from Macintosh to IBM PC machines and vice versa, just as Word and Excel document files can.

The Symantec Antivirus Research Center recently released the world's largest online encyclopaedia of computer viruses with more than 10,000 comprehensive descriptions of virus types. As well as descriptions of individual viruses, the encyclopaedia gives a general overview of what viruses are, what they do, and where they come from.

Despite their name, computer viruses do not develop spontaneously (or at least not yet) and so each new virus must be written by a programmer somewhere. Many viruses are not malignant, that is they do not damage files or programmes. However, since all viruses successively duplicate themselves, even benign viruses are a nuisance because they progressively use up disk space. In addition, it is often difficult to decide whether a given virus is entirely benign. Even when it appears to be doing no more than duplicating itself it may be waiting for a trigger event, such as a Friday the 13th, to cause havoc.

In January the popular Yahoo Web search-engine company had its security breached by a group of computer hackers. The hackers then proceeded to inform many of Yahoo's customers that if they had used the Yahoo web site in the last month their computers were now infected with a deadly virus set to wreck havoc on Christmas Day 1998.

The removal of the virus would be performed by the hackers if the Yahoo company secured the release from jail of infamous computer hacker Kevin Mitnick. As it turned out the whole episode was a hoax -- there was no virus and the Yahoo company's databases remained unaffected by the security breach. However, the episode remains a powerful reminder of the potentially devastating effect of viruses.

Many US companies are now adopting virus hygiene policies for the exchange of information between individuals and companies. These policies include such simple precautions as clicking the read/write tab on computer disks into the read-only position before inserting it into an unfamiliar machine, making it impossible for viruses to be copied onto the disk. Other precautions include avoiding risky network behaviour such as downloading files and programmes from unknown sites, and keeping virus scanning software up to date.

Craig Webster is currently a clinical researcher in the Anaesthetics Department at Auckland's Green Lane Hospital.