Computer viruses are an everyday threat, but where did they come from? In this article we examine the history of viruses and how they have changed over time. In some ways they are surprisingly the same, others have gone the way of the dodo.
The Virus Phenomenon
Computer viruses take many forms these days, and seem to be lurking everywhere on the Internet, whether in the form of trojans, infected Web sites, or worms that eat bandwidth and slow computers to a crawl. Some of the same concepts and techniques are used by virus creators these days as were used by those that created the first viruses. The methods of transmission have changed: notably you almost never see floppy drives these days, and when you do the computer doesn't boot from the floppy, unless it is an antique! That's where most of the early viruses slept and infected from; the boot sector of floppy disks. Interestingly what might have been the first personal computer virus was Elk Cloner, which infected Apple II computers via the boot sector of floppies. That was in 1982.
Viruses Through Time
Over a decade earlier 1971 saw possibly the first computer virus. It infected computers on the network that was the forerunner of the Internet: ARPANET. This was the creeper virus. These computers weren't personal computers. But with the spread of personal computers in the 1980's, virus writers found a fertile new field to infect. 1988 saw the Morris worm in what may have been the first intense worm infestation. The Morris worm was an accidentally infectious creation. Worms in recent times are made intentionally to spread as quickly and aggressively as possible. Some have slowed portions of the Internet to a crawl or crashed many thousands of computers.
As program suites such as Microsoft Office became a commodity sold with every new PC, and users of Ms. Word were common in businesses, homes, and schools, macro virus epidemics became possible. In 1999 the Melissa virus (a Word macro virus) spread using Word's built-in macro language, using it to send e-mails to the user's contacts. Another virus during that time period (in the year 2000) spread very rapidly by using e-mail as a vector. This was the ILOVEYOU virus. Users would soon have to learn that even mail sent from friends couldn't be trusted.
As Internet access became more and more widespread, and the bandwidth of Internet connections increased, the ability of viruses to spread faster than any human disease became the norm. In 2001 the Nimda virus used multiple methods of infection, and was one of the most rapidly spreading viruses ever seen. It also infected more systems than possibly seen before. Total infection counts are always estimates, however.
As Web sites proliferated they also became more sophisticated and often used for online commerce. This required databases, and on Microsoft server systems the common database was and is Ms. SQL Server. The SQL programming language became a vector for virus infection by SQL code injection. Desktop computers often held a small simple version of the SQL core, and this too could be infected. Viruses such as SQL Slammer in 2003 spread rapidly and were notable for their tiny size, composed of SQL code.
Recently, (in 2008) there was much news and hype about the Conficker Worm. It didn't turn out to be as bad as expected regarding its planned attack from infected systems on a particular date due to the preparations of ISPs. See my articles on the Conficker worm and how to protect against it to learn more.