Elk Cloner was the product of a Pittsburgh high school student and the bane of Apple II users during 1982, opening a whole new world to pranksters and their computer user victims.
"It will get on all your disks. It will infiltrate your chips. Yes, it's Cloner! …” and with this short verse, the computer virus was born. Elk Cloner was the product of a Pittsburgh high school student and the bane of Apple II users during 1982, opening a whole new world to pranksters and their computer user victims. An MS-DOS virus soon followed; ‘Brain’ hit boot sectors in 1986. Luckily, these early viruses were easily repaired by cleaning the system RAM. But computer viruses have since evolved into a real menace, capable of taking down company networks and destroying important data.
Early on, computer viruses were limited significantly by the absence of large networks. Their only means of spreading was through floppy disks taken from one machine to another. But the growing availability of the internet during the late 1980’s opened a whole new world for virus programmers.
The first widespread network virus was named ‘Morris’, written by a Cornell University undergraduate student. Morris infected a total of 6000 university and military computers. But the next leap in malicious software (malware) distribution was soon to come - email.
In 1999, the Melissa virus covered the globe in a matter of hours, launching its payload when users opened an email attachment. After infecting the machine, the virus immediately grabbed the first 50 names in the user’s address book and sent copies of itself to these contacts. Melissa was quickly followed in 2000 by the ‘Love Bug’, which worked on the same premise but with a slight twist. It enticed users to open the virus by appealing to human nature. It disguised itself as a love letter.
From 2001 – 2004, Code Red, Blaster and Sasser were added. These viruses exploited a security flaw in Microsoft software and were the first ‘network worms’. They created an entirely new threat because they didn’t require users to open them - all they needed was a network connection and they would deploy themselves.
Many users and system administrators were caught off guard with Code Red, which could have been avoided by downloading a security update released by Microsoft a month before the virus struck.
Today, worms, viruses and Trojans have even more opportunities to reach not only your computer but other commonly used electronics as well.
SMS based malware first hit the scene during 2006 – designed to secretly send SMS messages to premium numbers - and many industry experts believe Bluetooth technology will be the next path in virus distribution. Smart-phones and internet ready gaming consoles may make it possible for malware to hop from one platform to another with ease.
Social networking sites, which have recently exploded in popularity, have also been the target of hackers. MySpace and Facebook have both been victims, forcing users to change their passwords to help prevent further attacks.
Viruses are no longer the sole domain of adolescent pranksters but rather a multi-million pound business established to sell porn websites, online pharmacies and/or steal personal information. According to Kapersky Virus Lab, an average of 200-300 new virus samples are received in their office daily. The majority are sourced from network administrators who frequently set up ‘honeypots’; computers placed outside of the network to act as both a physical barrier as well as bait for would-be hackers. However a significant number come from users of infected machines and even other antivirus companies. Though these companies are direct market competitors, they share new security risks between them as a matter of ethical practice to help contain computer virus outbreaks.
A decade ago the number of viruses which could penetrate and infect a computer was less than 10%. Today that number has grown to 75%. The first half of 2008 alone saw 440,311 programs added to Kapersky’s database. Many of these viruses were written by an underground syndicate of coders with a sole purpose – to infect as many computers as possible and harvest personal data.
Most of us have antivirus software and some of us have installed hardware or software firewalls and other malware removal programs to protect our computers and networks. But virus makers remain one step ahead and are always vigilant in finding security loopholes. The days of ‘reactive’ antivirus protection are over. Security software vendors must identify risks before they strike machines because removal after infection can become complicated and costly.
It is a delicate balance in the best of circumstances for security experts to find and close these risks. Since the internet has become critically intertwined with business, finance and commerce, solutions which require taking down a significant number of machines at one time could create global chaos. Add to this the often high costs involved in implementing hardware or software solutions and the task of containing viruses becomes that much harder.
However, simply having antivirus software installed on your computer does not guarantee your safety. Since viruses propagate at lightning speed, it is often necessary for antivirus companies to issue multiple updates daily. Many smaller software companies are unable to do this due to network limitations or cost, leaving their users exposed to security risks. It is not uncommon for worms and viruses to reach the user’s machine long before their antivirus updates do.
Though computer viruses have come a long way in terms of distribution, experts point out that they have not become more sophisticated in design. Most viruses in circulation today are simply variations of their predecessors and hackers often find mass distribution far more appealing than creating the ‘ultimate virus’.