Of this around £7bn is attributed to ‘espionage’ – most commonly associated with computer viruses.
Below we explain what a computer virus is, what antivirus software is and how it works to protect your IT infrastructure.
What is a computer virus?
A computer virus is a malicious application or harmful piece of code. The virus works by connecting itself to a document, email, file download or program that allows it to perform its code.
Once the virus is on your computer, it will start to perform malicious processes. It might encrypt your data, making it impossible to access without a password or delete it altogether. It might be designed to steal information on your PC, either by copying data directly or by recording screen activity, activating built-in cameras or logging keyboard activity to capture passwords.
A virus can also sit in the background of your PCs activities, allowing cybercriminals to use its processing powers remotely. Commonly PCs can be used in this way to launch mass bombardment attacks on websites and servers to overwhelm them (known as distributed denial of services – or DDoS – attacks). PC processing might also get used for cryptocurrency mining.
Many computer viruses are coded to replicate themselves. They may also make use of email contact books to move across PCs.
You may have an infected computer if you notice these signs
- A blue screen with an error code
- Missing files
- Slow start-up
- Computer programs that close unexpectedly
- Unexpected pop-up windows
- Unusual cursor activity
- Much slower operation than usual
- Sudden crashes and freezes
To protect your data and devices from harmful viruses, you need antivirus software.
What is antivirus software?
Antivirus software is a program or solution that utilises a database of virus signatures and finds executable files matching these signatures. Once the antivirus software detects a virus, it will take action to isolate and remove it from your PC.
How does antivirus software work?
Antivirus software starts by scanning your existing computer programs and comparing them to the known types of virus or malware. The software also checks a PC for behaviour that may show the presence of unknown or new software.
If the software comes across suspicious software, it compares the signature on the file to its database. In case of a match, the program acts to block the virus, isolate it and clean any corrupted files.
Many anti-virus solutions also prevent users from downloading viruses in the first place. They achieve this by assessing the file being downloaded and seeing if it matches a virus signature or file type.
Most will also look at the source of a download (such as the website or file location) and check that has not been compromised or is a known source of malware. This can also include blocking annoying website pop-ups.
The most advanced types of antivirus solutions (such as Sophos Intercept X) will monitor PCs for unusual activity symptomatic of a virus attack. For example, should a PC suddenly begin to encrypt files at speed, the antivirus solution will recognise this as a pattern of a ransomware attack. It will then stop the activity and block all attempts to encrypt anything further.
The importance of antivirus
It’s essential to have an antivirus solution to protect yourself against cyber threats and safeguard your business data from malicious viruses and malware.
Computer viruses – and the ways they are deployed – are growing in sophistication, so that even the best-trained user will occasionally fall for a trap.
And it only has to happen once for you to experience catastrophic damage to your IT: a ransomware virus can encrypt an entire PC in less than 20 seconds, while a worm virus can replicate itself to your entire contact book within minutes (one example is known to have infected over 50 million PCs in less than 10 days).
To have a conversation about the best antivirus solution for protecting your IT infrastructure, please get in touch.