The silver anniversary of the first PC virus is approaching in January, but even after 25 years, no victory celebration is on the horizon. That first virus, distributed on a 5 1/4 floppy disk, was called the Brain, and it originated in Pakistan as a way to curtail pirating. This boot sector infection, which was fairly harmless, spread around the world in 1986 on floppy disks, introducing the world to a new type of vulnerability. Malicious programming distributed as computer viruses has become exponentially more dangerous since the early attacks as the Internet has provided the platform for rapid, stealthy spread of these and other nefarious cyberattacks.
The individuals and groups behind malicious software today rely on the anonymity and global reach of the Internet, which provides an essentially risk-free environment. Tracking the malware, worms and viruses promulgated today is a challenge across the board, acknowledge computer experts. The origin of nearly 99 percent of new malware is unknown, and it is rare today to get the perpetrators to court and then prosecute them.
The programmers writing worms and viruses and planning cyberattacks demonstrate growing proficiency, steadily improving ingenuity and technical flexibility. Technology and user discipline can thwart the attacks, but preventing them is difficult because deterrence does not apply to those who operate without fear of penalty or consequences.
The biggest change over the years in computer attacks is the people behind them, reports Mikko H. Hypponen, chief research officer, F-Secure Corporation, during TechNet International in London this fall. The individuals responsible have evolved from hobbyists in the early years of personal computers, to criminals in the 2002 to 2003 time frame, and on to those involved in cyber espionage and sabotage. Today, the guilty parties include terrorists as well as nation-states. And none of the categories of actors has gone away, so the problem becomes larger and more wide-ranging.
Today, some experts contend we are moving from cyber mayhem to cyber missiles, as multifaceted software attacks are being used to target specific industries. The original computer worm that surfaced in 1979 was designed to scour a network for idle processors to enable more efficient computer use. Stuxnet, a worm discovered in July 2010, infects, spies on and modifies the control systems of industrial utilities, including nuclear systems. It is the most important malware yet seen, says Hypponen.
Stuxnet is a game changer in the cyberattack arena, as it is the first to target the critical industrial infrastructure, Hypponen explains. This attack required large resources, extensive know how and well-funded research ability. The worm doesn’t replicate over the Internet, but in high-security environments. It targets specific systems and is most likely spread by USB drives. It looks for specific programmable logic controllers, and it changes itself and covers its footprint as it seeks out its target. The origin of this attack, who is involved, what specifically is targeted, whether the attack is still ongoing and whether it was successful are still unclear. Experts are fairly certain, however, that the complexity of the programming and the amount of resources required to undertake something at this level would require involvement from some government.
The term “computer virus” was first suggested around 1983 by Leonard Adleman, a theoretical computer scientist at the University of Southern California, to describe a computer program that can “affect other computer programs by modifying them in such a way as to include a (possibly evolved) copy of itself.” Prior to 1986, various computers, ranging from the Apple II to IBM mainframes, had incurred intrusions that affected their operation, but the proliferation of the virus as a method of attacking systems was still limited until the Brain.
A quarter of a century later, the headache has only gotten bigger.