

Staying immune to viruses



With the recent spate of computer virus attacks, like the 'Lovebug', many may be wondering whether the Force's systems are safe. OffBeat recently posed the question to Information Systems Wing.

Computer viruses have existed since the advent of mainframes in the 1960s and were originally pieces of code maliciously embedded in programmes and activated when a certain set of events occurred.

In the 1980s, malicious code started appearing in desktop PCs, usually spread by infected floppy disks and pirated software. With the 1990s' email boom, the viruses adopted a new and more powerful means to spread world-wide.

Ivan Kam of the Information Technology Bureau Desk Top support team said: "Viruses are still, fundamentally, pieces of malicious code, but in order to damage your hard disk they must be executable on your machine. MS Windows machines will only execute code which has certain file extensions (the letters after the "." in the file name).

"The most common are ".exe" and ".com", and so viruses which have these extensions are potentially the most dangerous. Microsoft has developed applications executing other file types also, the most common being '.vbs' (Visual Basic Script). This script will execute on many MS applications, including MS Outlook, and this was the one used by 'Lovebug'.

"The MS Office suite also employs "Macros" and "Templates" to automatically configure and format word processing features. These can also contain viruses causing erratic behaviour when using your word processing programme."

Ivan said the Force relied on a number of policies for virus protection. As it was still possible to upload bugs using a floppy disk or CD-ROM, the CTA programme installed in most machines prevented the installation of new programmes without the System Administrator's permission.

"User discretion is still required because of the existence of viruses which do not require the installation of a programme, like macro viruses in Word documents," he said.

All Force machines have anti-virus software installed and the ITB Anti-Virus Administrator monitors the latest bugs.

"We are committed to updating virus definitions twice a month, and before a Virus Definition update a PEN message will be sent notifying the date and time of the software distribution," he added.

"For virus protection of standalone machines, the latest virus updates are always available for download on POINT."

How does the Force stop viruses getting into the PDN? Kieran Wright of ePol in ISW looks after the Internet gateway and had this to say.

"For email received by the Force, the Internet Firewall scans all attachments for potential viruses. Any detected are quarantined and we inform the recipient. Although the anti-virus software in use can detect some new viruses without being told about them, the system is not foolproof and 100% protection against attack requires a little common sense and co-operation from users."

Kieran gave the following advice: "Do not give your email address to websites that use the information without regard for the privacy of their users, such as most 'greeting card' sites. Email addresses ending up in directories are the most susceptible to attack. Also, if you receive an attachment with an .exe, .com or .vbs extension, do not open it unless you trust the sender."

He said ISW often received requests for direct dial-up Internet access for machines on the PDN, or access to POINT from outside the firewall.

"We refuse these because it allows backdoor entry into the PDN which would negate the value of the firewall. Users must realise the protection of a very large network differs from that of a single machine."

And although the Force did not receive any 'Lovebug' mail, we could not be complacent.

"Although we use Lotus Notes as our email client, and the virus targeted Microsoft Outlook, we do use many Microsoft products susceptible to attack," he said.

"Also, there is no reason to assume other companies' products are more secure as it is likely Microsoft has achieved notoriety in this regard because of its high profile and market share."