30 Years of Cyber Attacks: An Ominous Evolution
Since the first PC virus landed on machines more than 30 years ago, malware has become more sophisticated and dangerous.
On January 19, 1986, the first PC virus was released by two brothers in Pakistan, Basit and Amjad Farooq Alvi, aged 17 and 24 years old at the time. Named "The Brain," the virus, transmitted by floppy disk, was meant to protect software created by the duo from prospective pirates. When initiated, a message would display with the Alvi brothers' contact information.
Though the machines running the virus suffered no real damage, the response was overwhelming for the two brothers, who received calls from around the world.
The Brain proved a relatively innocuous piece of software, a "friendly virus," according to its creators. But since the Brain arrived at a time long before computers, both desktop and mobile, were all connected to one another, malware has become more sophisticated and damaging.
In 1971, 15 years before the first PC virus, Bob Thomas with BBN Technologies created what it is generally considered the first computer worm, called Creeper. Spread through ARPANET, the forerunner of the Internet, the worm would display a message on an infected machine reading, "I'M THE CREEPER : CATCH ME IF YOU CAN."
Creeper wasn't the first self-replicating computer program or the first computer virus, the term for which was only coined in 1983. In fact, Creeper generally didn't replicate itself, but instead jumped from one system to another.
Creeper prompted the development of Reaper, one of the world's first anti-malware applications.
A prank in 1981 by then 15-year-old Rich Skrenta led to the first-ever virus outbreak. His program, the Elk Cloner, targeted Apple II operating systems with a boot-sector virus included on a game disk.
When a player attempted to play the game, it would work until the 50th boot up, at which point the Elk Cloner would display a short poem.
Skrenta only intended to target his friends, but the virus spread beyond his own social network, with Skrenta even drawing the ire of one of his teachers.
Beginning in the late 1980s, virus and worms weren't just small experiments that caused minor headaches. Even if their creators intended no harm, malware began doing real damage.
Created in 1988 by Cornell University graduate student Robert Tappan Morris, the Morris worm was one of the earliest forms of malware to spread wildly over the Internet. Designed to determine the size of the Internet, according to Morris, it infected some 6,000 computers in a matter of hours. The machines infected by the virus became unusable, and had to be disconnected from the Internet to be repaired.
Morris' stunt, which caused damages upwards of $10 million, according to the U.S. Government Accountability Office, led him to become the first person to be indicted under the Computer Fraud and Abuse Act. Upon conviction, Morris received a sentence of three years probation, assigned 400 hours of community service and fined $10,500.
Malware creators looking for a fast buck eventually realized they could hold a user's data hostage in exchange for a sum of money. In 1989, one of the earliest examples of ransomware, a program called AIDS, arrived on the scene.
AIDS was a trojan hidden on a floppy disk sent out to approximately 10,000 users. When users installed the program, which they were warned against doing right on the packaging unless they were "prepared to pay," a message displayed demanding a license fee in return for a decryption key and included an address in Panama for users to send their money.
The 1990s saw an explosion in the number of viruses passing through online channels and infecting users around the world. New cyber threats emerged, including the first polymorphic virus, known as The Chameleon. In response, companies like Symantec developed some of the first anti-virus software available to consumers.
The public's awareness of the potential threat of computer viruses led to the first cyber security hoaxes. The "Good Times" virus, for example, was a malicious program contained in an email with "Good Times" as the subject line. Once downloaded, it would wipe a user's entire hard disk.
The 1990s brought a new kind of malware designed not to disrupt a computer's operation, but instead surreptitiously snoop on a user's activity. These programs were called spyware, a name that first popped up on Usenet forums in 1995.
Because spyware is hidden by design, it's unclear who was responsible for creating and distributing the first such program. In 1999, Steve Gibson of Gibson Research developed the first-ever anti-spyware program, called OptOut, after detecting advertising software he suspected of stealing confidential information.
Although distributed-denial-of-service (DDoS) attacks had been around since the inception of the Internet, they only first rose to prominence in 2000. In February of that year, Yahoo, Amazon, eBay, CNN and other major websites went down in a coordinated DDoS attack orchestrated by a Canadian teenager.
These types of attacks are relatively easy to pull off, but also effective. Software infects host computers that then fall under the control of a single user. When enough machines are pooled together to access a single network or system, the target is overwhelmed and must temporarily suspend services.
DDoS attacks are frequently employed today for political or social reasons, used by activists against high-profile targets, such as major government, military, financial or commercial websites.
With the popularity of social networks and the amount of information the average user has freely available online, cyber attack techniques have evolved with some using nontechnical methods in order to gain access to a user's data. These methods of intrusion are known as social engineering.
One of the earliest forms of social engineering is known as phishing, in which an e-mail or website is masked to appear to be sent from a trusted party, urging users to provide account credentials or other sensitive information, such as a Social Security number. Phishing attacks first emerged in the mid-1990s and are still in use today.
In the 21st century, malware has evolved to the point at which governments can deploy programs as cyberweapons. Stuxnet is one such application, which took an estimated 10 years to develop, that targeted nuclear reactors in Iran.
The complexity of Stuxnet, described by computer security specialists as "groundbreaking," suggested such a piece of software could only be engineered with government backing. The U.S. and Israeli government are widely believed to be responsible for building Stuxnet, though neither has openly confirmed any involvement.
Stuxnet has been described as the first-ever "cyber-missile" due to the precision with which is affected its target within the Islamic Republic despite infecting other systems worldwide. Stuxnet also serves as a warning that critical infrastructure can be put at risk by the cyber threats of the future.