What Is a Computer Virus?

A computer virus is a type of malware that can replicate itself, spreading to infect new systems. However, unlike a computer worm, viruses require human interaction to replicate.

Read the Security Report Request a Demo

What Is a Computer Virus?

How Does It Work?

Computer viruses are notable for the fact that they attach themselves to other programs. After the virus malware has attached itself to an executable, the malicious code is run whenever the legitimate executable is run. The virus propagates by attaching itself to additional files and programs. By attaching itself to files that move from one computer to another — such as an attachment to an email or a file that is located on a shared storage drive or removable media — the virus can spread itself to other machines.

A virus’s replication mechanism is only the means by which it moves to infect additional systems. The malware also will include some other type of malicious functionality. For example, a virus may act as an infostealer, encrypt data as ransomware, or provide a backdoor via which an attacker can access an infected system.

How Do Computer Viruses Spread?

Computer viruses attach themselves to files, and come along for the ride when these files move from place to place. Some of the common mechanisms that computer viruses use to spread themselves to new computers include:

  • Downloads: Files available for download or shared via cloud services can be infected with computer viruses or trojans.
  • Email: Attachments to phishing emails may contain computer viruses.
  • Removable Media: Viruses can infect files stored on removable media — USB sticks, removable media, etc. — and infect files on other devices that these devices are plugged into.
  • Messaging Apps: Infected files can also be spread via messaging services, such as SMS, social media, and corporate collaboration apps.

Types of Computer Viruses

Viruses come in various different forms. Some of the common types of viruses include the following:

  • File Infector Virus: A file infector virus directly infects executable files with malicious code. They spread by infecting new files across systems and networks.
  • Boot Sector Virus: A boot sector virus infects the master boot record (MBR) on a computer. When the system boots, the code is loaded and executed.
  • Macro Virus: Microsoft Office macros store and execute code within an Office document. Macro viruses use this functionality to embed malware in documents that runs when the document is opened and macros are enabled.
  • Resident Virus: A resident virus infects applications when a user runs them. Non-resident viruses can infect additional programs when they are not running.
  • Multipartite Virus: Viruses can infect a system and spread via different means. A multipartite virus can use multiple various techniques to do so.
  • Polymorphic Virus: A polymorphic virus has the ability to change its own code while retaining its malicious functionality. These transformations make the malware more difficult to detect with signature-based detection systems.

Virus vs. Malware

The terms malware and virus are often used interchangeably to refer to software that infects a computer and performs some malicious actions. However, while all viruses are malware, not all malware are viruses. Viruses are distinctive because they infect other, legitimate files with malicious code. Other types of malware exist, including malware that is spread as standalone, fully-malicious executables.

Computer Virus Prevention

Computer viruses can pose a significant threat to an organization’s endpoint security. Some best practices that an organization can implement to mitigate this threat and protect itself against computer virus infections include the following:

  • Employee Training: Viruses differ from worms in that they require human interaction to spread. Training employees about the threat that viruses pose can help employees to identify and avoid actions that place the organization at risk.
  • Endpoint Security: Viruses are a type of malware and infect an organization’s computers. Endpoint security solutions — endpoint detection and response, etc. — can identify and eradicate virus infections on a computer.
  • Email Security: Email is a common infection vector for viruses. Scanning email attachments for malicious code can help block viruses from reaching an organization’s systems.
  • Web Security: Viruses can also be spread via infected downloads. Web security solutions can scan files before they are downloaded or isolate web browsing from the rest of an organization’s systems.
  • Vulnerability Management: Viruses may exploit unpatched vulnerabilities to gain access to and spread between an organization’s systems. Promptly installing patches and updates can block vulnerabilities from being exploited.

Prevent Computer Viruses with Check Point

Since a computer virus is a type of malware, a strong endpoint security solution is one of the best ways to protect against malware. An EDR solution can identify the presence of a virus on a device and its attempts to spread and take action to eradicate the infection.

Check Point Harmony Endpoint provides comprehensive protection against computer viruses, other malware, and other threats to the security of an organization and its endpoints. To learn more about how Harmony Endpoint can enhance your organization’s endpoint security posture, feel free to sign up for a free demo today.

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK