The Evolution of Malware
by Robert Bond
Malware has been around nearly as long as computers themselves. Since the creation of the earliest form of computer viruses, the method and intent of malware have evolved dramatically. Beginning with John von Neumann’s “self-reproducing automata” in 1949, the understanding of how to create programs that can replicate and spread themselves across networks has opened doors to numerous new advances – both good and bad. With each advance has come the need for individuals and organizations alike to find new ways to protect their systems against malicious attacks.
The Creeper Worm – The First Real Virus
The Creeper Worm was the next notable computer virus. Developed in 1971 by Robert Thomas, the virus spread across the ARPANET to remote computers where it shared the message, “I’m the creeper, catch me if you can!” The ability to create such a program that could clone itself was a huge discovery. Although neither the Creeper nor the self-reproducing automata were meant for malicious activity, they clearly opened the door for others to create code, malware and programs that could be spread for malicious intent.
Ray Tomlinson, one of Thomas’ colleagues, developed what would be recognized as the world’s first antivirus software. This revised and newer version of the Creeper, known as the Reaper, could move throughout a network and delete any Creeper files it found. Although Creeper was never meant to cause harm, it revealed very real problems that could be caused by such programs.
Wabbit, Elk Cloner, Brain, PC-Write and the Morris Worm Kicked Off the Virus Era
After the Creeper came Wabbit in 1974. This was another virus that could rapidly copy itself across a network. The program would duplicate itself so fast that it would eventually bog down the infected system and cause it to crash. In the 1980s, we had Elk Cloner, a widespread virus written by a 15-year-old. This virus would display text on infected computers: “It will get on all your disks; It will infiltrate your chips; Yes, it’s Cloner!” As personal computers gained availability and popularity, more people began learning how to use them and how to design and implement viruses, some of which were used with malicious intent.
Other serious viruses launched in the 1980s were Brain, PC-Write, and the Morris Worm. Although Brain was not intended by the creators to harm other computers, it did infect a large number of computers in the United States and the United Kingdom. PC-Write, on the other hand, was a malicious Trojan virus disguised as shareware. This program would erase all of the user’s files once installed. In 1988, the Morris Worm infected a large number of computers connected to ARPANET. This posed a massive threat and ultimately led to the conviction of the program’s author, Robert Morris.
Rootkits, SQL injections and of course the ILOVEYOU Worm
Throughout the early 2000s, malware became even more prevalent. The use of rootkits, toolkits, crimeware kits, and even SQL injection attacks rose dramatically. Along with new techniques came even larger infection rates. The ILOVEYOU Worm alone affected over 50 million computers and caused over $5.5 billion in damages. The virus, sent through an inconspicuous email, caused parts of the Pentagon and British government to shut down some of their email servers.
The SQL Slammer Worm was developed in 2003. This vicious attack affected over 75,000 computers in less than ten minutes. The effect was slower internet usage worldwide. The Cabir Virus in 2004 was the first to attack mobile phones, while the Koobface Virus the following year targeted social media platforms such as Facebook and Twitter. The Conficker Worm also caused widespread damage in 2008. Not only were the spread and rate increasing with each new development in malware, but new platforms and devices were also being targeted.
Stuxnet – A Whole New Ballgame
In 2010, the Stuxnet Worm was speculated to have been created to attack Iran’s nuclear program and may have had an entire team of programmers behind its development. Backoff was a virus launched in 2014 with the purpose of stealing credit card information from Point of Sale (POS) systems. WannaCry was one of the worst ransomware programs to come on the scene. It affected users around the world and completely locked people out of their accounts and demanded payment to regain access to data.
Ransomware developed in the 1990s and early 2000s brought increasingly diverse and expensive attacks into the public eye. Some ransomware was delivered through email attachments, social media messages, pop-up buttons, or even floppy disk usage. Regardless of the delivery method, the programs were well-hidden and would not lead the victims to believe there was anything wrong until it was too late. CryptoLocker, developed in 2013, was one of the early ransomware programs. The program aimed to make a profit by locking people out of their accounts until they paid to regain access. In a short amount of time, the program infected hundreds of thousands of computers and earned the developers over $3 million in ransoms.
As developments in malware progressed from the 1940s and 1950s, new techniques and uses for malicious software were developed. Programs were no longer harmless or accidentally harmful. They were intended for destruction and corruption. Whether to steal files, spy on computer usage, delete or corrupt files, ransom accounts for profit, or something else, malware has come a long way since its beginnings.
As the spread of malware increases, new uses for the programs are being developed as well. No longer carried by floppy disks, viruses have the potential to spread through internet access, email, and far more, posing a threat to individuals, small businesses, corporations, and government entities alike. Unless systems are protected against these attacks, businesses and organizations risk losing data or having their systems crash. The loss in time and money can be devastating.
Making sure your systems are kept safe is essential to protecting your personal files and assets, as well as those of your business or organization. Understanding how malicious software might be disguised or where there are weak areas in your system will go a long way in protecting you from attacks. As new malware is created, it is important to stay vigilant. Corruption from malware can happen to you, and it can cost you dearly if you are not taking precautions against it. IT security professionals consistently emphasize the following four points to stay in front of the malware threat:
- Back up your data – in this age of ransomware, if all else fails, at least you will have the security of knowing your sensitive data is safe.
- Train your employees – help them recognize phishing attacks and the tell-tale signs of brand impersonation e-mails.
- Have a risk management strategy – understand what systems and data must be protected.
- Continuously improve your defense posture – as the evolution of malware suggests, organizations must be vigilant and continuously improve to keep pace with the growing threat.
February 24, 2020