Fundamentals of cyber security

1. FUNDAMENTALS OF
CYBER SECURITY
• By
• M.GOUTHAM ROYAL -
2021BCSE07AED045
• D.SRIDHAR - 2021BCSE07AED051
• K.SAI DEEP – 2021BCSE07AED553
• Section: Cyber security

2. Question:
• Discussion about how the virus spread,
what damage it caused and what steps
could be taken to prevent it

3. A computer virus is malicious code that replicates by copying itself to another program,
computer boot sector or document and changes how a computer works. A virus spreads
between systems after some type of human intervention. Viruses replicate by creating
their own files on an infected system, attaching themselves to a legitimate program,
infecting a computer's boot process or infecting user documents.
Viruses and worms are two examples of malware, a broad category that includes any type
of malicious code.

4. A virus can be spread when a user opens an email attachment,
runs an executable file, visits an infected website or views an
infected website advertisement, known as malvertising. It can
also be spread through infected removable storage devices, such
as Universal Serial Bus (USB) drives. Once a virus has infected
the host, it can infect other system software or resources, modify
or disable core functions or applications, and copy, delete or
encrypt data

5. Types of computer
viruses:
• File infectors
• Macro viruses
• Overwrite viruses
• Polymorphic viruses
• Resident viruses
• Rootkit viruses
• System or boot sector viruses

6. File infectors
Some file infector viruses attach themselves to program files, usually selected COM or EXE files.
Others can infect any program for which execution is requested, including SYS, OVL, PRG and
MNU files. When the infected program is loaded, the virus is loaded as well

7. Macro viruses.
These viruses specifically target macro language commands in applications such as
Microsoft Word and other programs. In Word, macros are saved sequences for commands
or keystrokes that are embedded in the documents. Macro viruses, or scripting viruses, can
add their malicious code to the legitimate macro sequences in a Word file. Microsoft
disabled macros by default in more recent versions of Word

8. Overwrite viruses
Some viruses are designed specifically to destroy a file or application's data. After infecting
a system, an overwrite virus begins overwriting files with its own code. These viruses can
target specific files or applications or systematically overwrite all files on an infected device.
An overwrite virus can install new code in files and applications that programs them to
spread the virus to additional files, applications and systems.

9. Polymorphic
viruses
A polymorphic virus is a type of malware
that has the ability to change or apply
updates to its underlying code without
changing its basic functions or features.
This process helps a virus evade detection
from many antimalware and threat detection
products that rely on identifying signatures
of malware; once a polymorphic virus's
signature is identified by a security product

10. Resident viruses
This type of virus embeds itself in the memory
of a system. The original virus program isn't
needed to infect new files or applications.
Even if the original virus is deleted, the version
stored in memory can be activated when the
operating system (OS) loads a specific
application or service.

11. Rootkit viruses
A rootkit virus is a type of malware that installs an
unauthorized rootkit on an infected system, giving
attackers full control of the system with the ability to
fundamentally modify or disable functions and programs.
Rootkit viruses were designed to bypass antivirus
software, which typically scanned only applications and
files

12. System or boot
sector viruses
These viruses infect executable code found
in certain system areas on a disk. They
attach to the disk OS (DOS) boot sector on
diskettes and USB thumb drives or the
master boot record (MBR) on hard disks. In
a typical attack scenario, the victim receives
a storage device that contains a boot disk
virus. When the victim's OS is running, files
on the external storage device can infect the
system; rebooting the system will trigger the
boot disk virus.

13. signs you may be infected with a
computer virus
1.The computer takes a long time to start up, and performance is slow
2.The computer experiences frequent crashes or shutdown and error
messages.
3.The computer behaves erratically, such as not responding to clicks or
opening files on its own.
4.The computer's HD is acting strangely -- for example, constantly spinning
or making continual noise.
5.Email is corrupted.
6.The amount of storage on the computer is reduced.
7.Files and other data on the computer have gone missing.

14. Preventions on computer viruses
Install Install a hardware-based firewall
Don't download Don't download files from the internet or email from unknown senders.
Don't click on Don't click on web links sent via email from unknown senders.
Patch Regularly patch the OS and applications installed on the computer.
Disable Disable autorun to prevent viruses from propagating to any media connected to the system.
Run Run daily scans of antivirus software.
Install Install current antivirus and antispyware software, and keep it up to date.

15. How do you remove a computer virus?
• Enter Safe Mode. The process will depend on the version of Windows
you're running.
• Delete temporary files. While in Safe Mode, use the Disk Cleanup tool to
delete temporary files.
• Download an on-demand and a real-time virus scanner.
• Run the on-demand scanner followed by the real-time scanner. If neither
scanner removes the virus, then it might need to be removed manually.
This should only be done by an expert who is experienced at using
Windows Registry and knows how to view and delete system and program
files.
• Reinstall any files or programs damaged by the virus