How can I explain what a computer virus is to people who are not familiar with computers and programming?
I think that the similitude with biological system (from which the word virus has been taken from) is good.
Like biological viruses causes the cells behavior to be subverted, computer viruses do the same with computer programs.
They also have other similar behavior:
- both computer viruses and biological ones are self-replicant
- both can't live without an host system
- both are made by small pieces of information (DNA versus Binary Instructions)
The word "virus" helps. Most genetic material is beneficiary, but some is dangerous. Similarly, most computer software is written for the benefit of the user, but a computer virus is not.
Note that I am using the colloquial usage of the word "virus" to refer to all malware. When describing things yourself, be sure to use the term malware to refer to malicious software. A virus is only one type of malware.
Don't go explaining all the different types of malware but rather the effects that they can have:
- They send spam from your computer
- They attack other computers from your computer
- They slow down your computer's performance and internet connection
- They will parse your addressbook and send spam to your contacts
- They will upload your personal files to malicious entities, including your banking information and credit card details
Everyone who uses a computer knows what computer viruses can do (like steal files or cause physical damage, especially because some viruses have already caused physical damage), but not many know how they do it. I think this is what you are getting at with your question. It also is worth mentioning that a computer has no awareness (yet, for those proponents of AI), it simply performs the instructions it is sent.
A virus itself performs malicious tasks on a user's computer (stealing/deleting personal data, corrupting system files, etc...), and since computers run code, the virus itself must exist as pure code. Viruses can exist as stand-alone programs (i.e. their sole purpose is malicious intent), they can pose as "good" programs, or they can infect other programs already on your machine. Viruses spread in all three of these ways, or on a network (I believe this is more correctly called a worm).
In the case of an "infected" program, the virus overwrites certain parts of the application with it's own code, or injects it's own code into the application (so it seems to be working). The computer will then start the application, and begin executing the instructions as normal. Once the virus code is hit, the malicious operation of the virus begins.
What the virus does next is up to the virus creator. It may simply be a proof-of-concept, and may sit in your memory dormant. It may corrupt various system files, send itself to your address book, or sit and wait for you to type in credit card numbers.
These malicious programs/code are called viruses due to their equivalency to the operation of their biological counterparts. Viruses spread and infect a host, much like malware.
One last thing you might want to mention, new viruses can literally "rewrite" themselves on-the-fly. They do this through various types of polymorphism, to disguise the actual code and make it difficult for anti-virus software to detect them. Newer anti-virus programs rely on heuristic analysis of programs, and determine what they are trying to do, and if they pose a threat to the system (or not).