Here’s A Throwback to Malware Gone By…

By David Smith
Group CEO
Posted 29/01/2019

As the rise of software has continued and modern computing has developed, so too has the rise of malware.

It seems we simply cannot have one without the other these days and, truth be told, most of us, at one time or another, will have encountered some malicious software in some shape or form.

To understand the malware of today, it’s important to understand the malware of yesterday and how these nefarious programmes came to exist. 
 
Where did it all begin?

Surprisingly enough, malware didn’t actually start out with the intent to harm, steal, intimidate or manipulate, as much of today’s malware does. As Digital Trends notes, it was, in fact, aimed at discovering what computing could really do, by pushing the boundaries of what was possible at the time.

The term ‘virus’ actually cropped up as early as 1949, but it was the Creeper Worm of 1971 that is typically recorded as the first instance of a computer virus, and it was this code that provided the very first real-world insight into the types of problems self-replicating code could cause.

One big question the Creeper Worm raised was: what do you do with such software or code once it has been launched? The answer, perhaps unsurprisingly, was to create anti-virus software, and this gave rise to the ongoing battle we still face today: protecting computer programmes and software from cyber-attacks.

Several viruses followed the Creeper Worm and most were very similar in nature. In fact, it wasn’t until 1982 that a new wave of viruses appeared on the scene. It coincided with the invention of the PC, and people started creating viruses that could be spread through floppy disks. Using the floppy disk as the method of infection was a game changer because it was a new attack vector: people just didn’t see it coming. Changing the way a virus is spread is typically what most new malware still exploits today.

As personal computer usage increased and the internet expanded, especially throughout the world of academia, things shifted again and viruses began to use email as their attack vector. The Morris worm of 1988 was the father of these types of viruses, exploiting two flaws found in the Unix Protocol. This worm was so powerful, it effectively took down the internet such as it was in 1988, and became the “proof of concept” for many other new viruses created around the same time, the most notable of which has to be Michelangelo.
 
What made Michelangelo so successful?

Discovered in the early 90s, according to We Live Security, the Michelangelo virus was aimed at infecting DOS systems or, more specifically, the master boot record of the hard disk and the boot sector of floppy disks. What gave this virus an extra edge, though, was a ticking time bomb element whereby the virus would be activated on March 6th of any year (March 6th being the birth date of Renaissance artist Michelangelo and hence the name of the virus). On this date, the virus would completely overwrite any diskettes it found, making information retrieval virtually impossible. The only escape from Michelangelo at the time was to hope your computer wasn’t running when the virus thought the date was March 6th, a very slim chance of protection by all accounts.
 
The dark is rising

Even though some of these early viruses did disrupt the internet, so to speak, and cause damage to many computer systems, compared with the malware of today they were still, overall, relatively benign. Most were still created with that original intention of pushing the boundaries of what computing could do, and less so to cause damage or disruption. And that’s probably just as well because, while malware was developing, changing and becoming more complex, anti-virus software at this time still had one heck of a long way to go. It was as the internet continued to grow throughout the 90s and 00s that the world of malware took a more sinister turn. The internet was no longer a small community of individuals and was now a global business, making millions and millions of pounds every year, giving rise to greed as the main motivation for much of the malware that followed.

Adware and spyware grew from this greed, especially as companies began to make serious money from ad clicks. Perhaps even more alarmingly, it was no longer just computer programmers striving to show off their skills who were behind much of the malware being created; now it was organised criminals running the show. Under the control of real criminals, pre-packaged malware kits began to appear online and this really upped the stakes for the anti-virus researchers.

In 2006, new attack vectors were introduced, just as they were back in the 1980s, only this time it was social engineering that was leveraged to trick people into clicking malicious links, typically in emails, so criminals could steal all-important logins, bank information and PIN codes.

Eventually malware, and in particular the pre-packaged malware, went up for sale. Criminals realised they could sell malware on as a tool for others to use and still make some serious money. As malware became a saleable product, it became more “professional” too, with the malware creators even offering support and updates for the software!

On the plus side, the general public did become wise to the suspicious links in emails and tricking users into clicking them was becoming harder and harder as things moved through the early 00s. Unfortunately, though, the malware writers as usual were one step ahead and developed a way to install malicious software on devices automatically. They exploited the fact that software in general was becoming more complicated and as it became more complicated it typically required more than one software developer to create it and therein lies the vulnerability.

By 2009, the use of malware appeared to be well established and solely in the hands of the criminals. However, later that year and into 2010, the world discovered that malware could even be used as a weapon, giving rise to digital warfare. The Aurora attack on Google was the first example of a nation using malware to flex its military muscles. But if Aurora was the first, then Stuxnet was arguably the worst, entirely sabotaging Iran’s nuclear program. Alas, neither of these was the last, and today this type of malware is relatively commonplace.

By now, surely, you’d think the evolution of malware would be over, right? Wrong! The next major shift in malware development came with the rise of the crypto-currency Bitcoin. Now we should mention that Trojans and ransomware had actually been floating around since the late 80s, but as Bitcoin grew in popularity, so too did this kind of malware. Moreover, it is no longer typically individuals and easy targets being victimised with ransomware; it’s big companies too because, as ever, the malware writers have followed the money and it seems many big businesses are often willing to pay! Frustratingly, it can often be “cheaper” (at least in the short term) for big businesses to pay hackers a ransom than to properly invest in updating their cyber security.

That’s probably why today ransomware is still one of the biggest threats to modern businesses: as more and more transactions happen online, the scope for businesses to lose money if their IT systems fail is getting greater and greater. Luckily, anti-virus software and public knowledge and education around cyber-attacks are finally catching up with the hackers and malicious software developers. While the old ways still work, like regularly resetting passwords, avoiding suspicious links and keeping software up to date, there are new ways businesses and individuals can protect themselves online, including penetration testing, encryption, backup solutions and disaster recovery planning.

For even more throwbacks to vintage malware, we recommend paying a visit to The Malware Museum and, of course, if you’re concerned about your cyber security, then please talk to our experts today.