Guarding Against Computer Viruses

MARCH 6 came, and Michelangelo didn't show up. Neither did his pals Den Zuk and Disk Killer.

I suppose I should be grateful. These computer viruses can destroy data and put machines out of commission.

It's just that for the past eight months I've been preparing for battle. I've gotten half a dozen antivirus products - software packages with impressive names like Virus Buster and Vi-Spy. I've scanned and rescanned my hard drive. My computer has stayed perfectly clean. It's hard to tell how well antivirus programs do their job if there's nothing to clean up.

There's a lesson here.

For all the hype surrounding the Michelangelo virus, the threat to computer users varies greatly. Business computers should take several measures. Most home machines run little risk.

A virus is parasitic software. It attaches itself to a computer program. When the program is executed, it makes copies of itself to infect other software programs. It jumps to other computers through floppy disks, networks, and bulletin boards. In 1986, when the computer community first noticed the problem, there were four known viruses. Today, there are hundreds. New strains appear every week.

Sometimes a virus displays a message but is otherwise harmless. One of my favorites, from Bulgaria, played Yankee Doodle every day at 5 p.m. - a jab at the country's then Communist government. Other viruses do great damage. Michelangelo reformats and overwrites a computer's hard disk every March 6, the artist's birthday. The process destroys the computer's data.

Michelangelo got so much publicity that it had limited impact. The virus hit 1,350 computers in South Africa, more than 20 in mainland China, several dozen in Israel, and a few military computers in Uruguay, according to news reports.

In the United States, two computer columnists with the Minneapolis Star Tribune estimate that more than 200 businesses lost massive amounts of data because of Michelangelo. Among the few companies who owned up to losses: AT&T and Drexel Burnham Lambert. The US has relatively few virus problems compared with developing nations. There, pirated, often buggy, copies of software run rampant.

That leads to Rule No. 1 of virus prevention: Beware the homemade copies of popular software. If you're going to use a software program, buy it from a reputable dealer.

Rule No. 2: Back up your data regularly. The more important it is, the more often it should be copied onto diskettes, tape, or some other kind of storage device.

Rule No. 3: When you use your diskettes in other people's machines, make sure they're write-protected. That means that no files (or viruses) can be copied to them. You can make any diskette write-protected. On 5-1/4-inch diskettes, cover up the notch on the right-hand side. On 3-1/2-inch diskettes, set the movable tab in the corner so that there's a hole.

These three steps will take care of most stand-alone home computers. If your machine is networked, has several people working on it, or uses diskettes, take further steps.

Rule No. 4: Invest in antivirus software. The National Computer Security Association (717-258-1816) publishes its tests of various packages. Since my system is relatively isolated, I use antivirus software to scan new diskettes before I put them in my computer.

If your system is more open - say an employee uses diskettes to shuttle work between home and office - then install one of the monitoring systems that come with most antivirus packages. These programs keep a continual watch on your system and warn of any suspicious activity. That's good, but it can slow you down. Often, the software I used warned me about operations that were perfectly legitimate.

Rule No. 5: Keep the antivirus software up to date. Several computer companies got infected with Michelangelo because they weren't using the latest versions of their antivirus program.

Rule No. 6: Institute safe-computing practices. These can be as simple as backing up your data every Friday. In business circles, they might involve regular scans of the computers and rules concerning nonbusiness diskettes. The computer security association puts out a helpful survival guide.

We want to hear, did we miss an angle we should have covered? Should we come back to this topic? Or just give us a rating for this story. We want to hear from you.