Skip to Content
Agent and Broker Technology Issues

Virus Risk Management

Steve Anderson | October 21, 2000

On This Page
Strings of vertical binary code with words cyber attacks in red

Infection by a hidden virus in email is perhaps the biggest technology hazard most companies face. An email virus can literally shut down a business in a matter of minutes. This article provides steps for managing this risk.

Email use is skyrocketing. As a larger share of business communication is completed using email, the risks associated with email must be recognized and managed. Infection by a hidden virus in an email is perhaps the biggest hazard a company faces. An email virus can literally shut down a business in a matter of minutes. This risk must be managed just like any other risk a business faces.

A computer virus is a small software program designed to replicate and spread, generally with the recipient being oblivious to its existence. Viruses can come from a variety of sources and be spread in a variety of ways. In the past, computer viruses spread by attaching themselves to other programs (e.g., word processors or spreadsheets application files) or to the boot sector of a floppy disk. The virus can infect or become resident in almost any software module, including an application, operating system, and system boot code or device driver. Today, virus programs are distributed as an attachment to an email message. When the email is opened, the attached virus program is activated or executed.

What makes viruses dangerous is their ability to perform an event. While some events are benign (e.g., displaying a message on a certain date) and others annoying (e.g., slowing performance or altering the screen display), some viruses can be catastrophic by damaging files, destroying data, and crashing systems. At the very least, viruses expand file size and slow real-time interaction, hindering computer performance.

Many virus writers seek only to infect systems, not to damage them; so their viruses do not inflict intentional harm. However, because viruses are often flawed, even benign viruses can inadvertently interact with other software or hardware and slow or stop the system. Other viruses are more dangerous. They can continually modify or destroy data, intercept input/output devices, overwrite files, and reformat hard disks.

Virus authors have learned how to extend their reach by using the macro-programming language included with Microsoft Word to include a virus in a Word document. Documents and other virus-infected files can be attached to an email message and sent to literally hundreds of people in a matter of minutes.

Perhaps one of the more well-known email viruses is the Love Bug virus. When activated by opening an email attachment, this virus sent a copy of itself to every email address listed in the recipients' Outlook address book. Once received, the process was repeated. Thousands of email messages, all the same, were sent in a matter of hours. Email systems became so overloaded with the huge volume of messages, they had to be shut down. Add to this the loss of credibility suffered by businesses that were attacked, and the Love Bug earned the notoriety as the most destructive virus to date.

Virus protection software can now scan email messages looking for viruses. You need to make sure your software is up to date and is being used by your staff. Every program also has the ability to update the virus definition files used to keep track of new virus. Make sure these are updated every couple of weeks.

Protection

The extent to which we rely on email is only going to increase and, although most people haven't thought about email in the context of virus infections, they need to. Any technology that increases communication among computers also increases the likelihood of being infected by a virus. A number of steps can be taken to provide better protection.

Establish an electronic communication policy. This should spell out guidelines and etiquette that will minimize the use and size of copy lists and outline rules for email that is only for business content. Guidelines for Internet access should also be included. (Refer to the second article in this series, Managing Electronic Communications, for more information on this topic.)

Have users contribute to the policy. Look at work habits to make sure that new policies complement corporate work styles. Make sure you put policies in place that will enhance the ability to use email, not stifle its use.

Block junk mail by working with your Internet service provider (ISP) and teach employees how to use built-in filtering tools. Offer new employees a tutorial on the filtering and filing tools available in the email application you use. Outlook includes a "Rules Wizard" that will help you manage your email inbox.

Create project databases where teams can share information, meeting minutes, etc. Intranet sites can easily support discussion threads, action items, meeting minutes, and more. Also, knowledge databases can be created that capture specific types of information, such as policies, procedures, product information, etc. This will give employees one place to go for standard information, cutting down on email.

Urge users to be prudent about giving out their email address. We recommend you never give out your "private" email address to any Internet site. This helps prevent junk mail before it starts.

Use one of the free email services to create a "public" email address. Whenever you sign up on a website, you open yourself up to receiving unwanted emails. You can send the emails from this public address to a separate folder and scan the messages at your leisure and delete anything that looks suspicious. Some of the free email services (i.e., Hotmail) have virus scanning built into their email servers adding another level of protection.

Set up virus protection software on your email server and every desktop. A number of products are available to search all incoming email for viruses before they are sent to the recipient's desktop. If an email contains a known virus, the program stops the email and notifies the sender, the receiver, and anyone else selected about the problem. In addition, install a virus protection program on every desktop. It can be helpful to use two different software companies to increase the odds that one of them will detect a new virus. [Two examples are Symantec (Norton AntiVirus)—https://www.broadcom.com/ and Network Associations (McAfee VirusScan)—https://www.mcafee.com/]

Keep in mind that these programs can only stop known viruses (those included in the program's virus definition files). Therefore it is important to make sure every virus program is updated with the latest virus definition files automatically online every night.

Create a humor database as an outlet. While it may seem counterintuitive, it is more palatable than banning humorous email messages entirely.

Educate your staff. Your staff is the final defense against virus infections. The Love Bug virus email has a subject line that says "I Love You." Using some common sense, if you receive an email like that from your boss, you should realize it is unusual and be skeptical about opening it.

Write protect Word's Normal.dot. Whenever you start Word or create a new document, Word uses a "Master Template" (NORMAL.DOT - usually located in a folder named "...\MSOffice\Templates" or "...\Microsoft\Templates") to: establish the document's formatting and predefined content; set up AutoText entries, macros, and toolbars; and initialize the custom menu settings and shortcut keys that you routinely use. Since this master template is applied to all new documents as they are created, the large majority of Word macro viruses infect this file. Once this master template is infected, each time you create a new blank document or open an existing document, that document will become infected with the macro virus. Then, if you send that infected document as an attachment file to an email, you will be spreading the macro virus to your colleagues/friends.

To prevent this template file from becoming infected by a virus, you can make it a "Read-Only" file. This means that Windows will not let the file be changed (i.e., written over). To make this file Read-Only (applicable to all Windows operating systems),: Open Word. Go to File, and then New. This will bring you to the General page where several document templates will appear. Right click on the icon named "Blank Document" and left click on Properties. This will bring up a Normal Properties window. Near the bottom, you will see an area named Attributes. Check the box beside Read-Only, click Apply to save the changes, and OK to exit the window. Now, this master template file is protected from being altered by any Word macro virus. If a macro virus does attempt to write to this file, the write action will be stopped.

You will need to reverse this procedure and uncheck this box if you need to install a legitimate Word macro or if you need to modify your standard document preferences. After you have made these changes, enable the "Read-Only" function once more.

Conclusion

Email is an important productivity tool. More and more clients will be seeking to communicate with you and your staff using this tool. Sadly, there is no panacea for the virus problem. It requires everyone in your organization to be alert, exercise common sense, and take some reasonable precautions. You need to pick the settings that are most comfortable (least annoying) for you. As with any tool, only when it is used and managed properly will the users be able to reap its full benefits.


Opinions expressed in Expert Commentary articles are those of the author and are not necessarily held by the author's employer or IRMI. Expert Commentary articles and other IRMI Online content do not purport to provide legal, accounting, or other professional advice or opinion. If such advice is needed, consult with your attorney, accountant, or other qualified adviser.