A history of cybersecurity threats
Computer viruses have been with us for decades, although in recent years the focus has shifted from lone programmers to groups of cyber-criminals.
Today, rather than viruses being written to help the programmer show off, malware is almost exclusively used as a way to generate money. Whether it is by charging individual users to unlock files or by renting out infected computers to send spam, malware is big business.
The early days
Initially, viruses were few and far between, with only the occasional joke virus infecting a computer. In fact, malware was so little known that the term “virus” was not even coined until 1984, by Fred Cohen, of the University of Southern California, in his paper Computer Viruses – Theory and Experiments.
It was not long after this that, precipitated by the rapid growth of home computers, the first set of real viruses was seen in the wild. The first IBM PC virus was discovered in 1986. Called (c)Brain, it installed itself in the boot sector of a floppy disk. A PC running a (c)Brain floppy would then infect subsequent disks, and in this way the virus transmitted itself.
Although (c)Brain was not particularly malicious, merely slowing down access to the floppy disk, it paved the way for viruses that deleted data and caused harm, all transmitted in the same way.
Worms
The big problem with early viruses was that they had a very limited method of propagation, relying on people physically swapping media. It was the mass adoption of the internet that changed that, giving viruses an easier way to spread further and faster. This was the era of the worm.
In 1999, Melissa was the first worm to really get people's attention, infecting Word documents with a macro. When the file was opened, the macro would run, automatically emailing the first 50 people in the Outlook Express address book, attaching the virus and spreading it further. It is estimated that up to 20 per cent of the world's computers were infected, with the virus using a huge amount of internet bandwidth.
Similar worms were to follow, although later variants also exploited flaws in operating systems, distributing themselves automatically, so they did not rely on an individual to open up a file.
Trojan Horses
Virus writers soon worked out that one of the most effective ways to infect people’s computers was to trick users into running the malware themselves. Trojan Horses present a file as doing something useful while secretly installing malware beneath the surface.
This type of attack can spread via a variety of methods, but largely started out using email distribution like the early worms. Subsequent Trojans have been distributed masquerading as useful software, such as antivirus.
Botnets
Organised crime is now the huge driving force behind malware, with billions to be made from infected computers.
Botnets have become one of the biggest threats. They consist of thousands of infected computers, all controlled remotely and secretly by the hackers. Infected computers can be mined for private information, such as with the Zeus botnet that was used to steal bank log-in details.
More often than not, botnets are rented out to other criminals, who use the network to send spam or mount a malicious denial-of-service attack against websites.
Having remote control of a computer means that criminals can deploy new malware and update existing programs, giving them massive longevity: the Storm botnet, for example, launched in 2004, and is still going strong today.
Ransomware and fake antivirus
Cyber-criminals are now using malware to directly extort money out of people. Fake antivirus is a common scam, where a user will get a pop-up message telling them their computer is infected and to install some software to resolve the issue.
The software “detects” thousands of fake problems and, at best, charges the user to remove them; at worst, it also installs additional software, adding a computer to a botnet.
Ransomware is a relatively new threat, encrypting files on a user’s computer and then charging them to decrypt them, and is often targeted at businesses, whose documents are far more valuable.
Modern malware defence requires not only dedicated software to block malicious attacks but also a workforce that is educated and aware of Trojan horses. Cyber-criminals’ aim is to manipulate otherwise sensible individuals into making a single mistake.
This social engineering can range from simply changing the address that a malicious email appears to come from, lulling the person into a false sense of security, to a criminal conning their way into a building to install a program on an otherwise secure system. As malware writers are showing, even as malicious code evolves, the weakest link is most often a human.