A Brief History of Computer Viruses

Computer viruses take many forms these days, and seem to be lurking everywhere on the Internet, whether in the form of trojans, infected Web sites, or worms that eat bandwidth and slow computers to a crawl. Some of the same concepts and techniques are used by virus creators these days as were used by those that created the first viruses. The methods of transmission have changed: notably you almost never see floppy drives these days, and when you do the computer doesn't boot from the floppy, unless it is an antique! That's where most of the early viruses slept and infected from; the boot sector of floppy disks. Interestingly what might have been the first personal computer virus was Elk Cloner, which infected Apple II computers via the boot sector of floppies. That was in 1982.

Over a decade earlier 1971 saw possibly the first computer virus. It infected computers on the network that was the forerunner of the Internet: ARPANET. This was the creeper virus. These computers weren't personal computers. But with the spread of personal computers in the 1980's, virus writers found a fertile new field to infect. 1988 saw the Morris worm in what may have been the first intense worm infestation. The Morris worm was an accidentally infectious creation. Worms in recent times are made intentionally to spread as quickly and aggressively as possible. Some have slowed portions of the Internet to a crawl or crashed many thousands of computers.

As program suites such as Microsoft Office became a commodity sold with every new PC, and users of Ms. Word were common in businesses, homes, and schools, macro virus epidemics became possible. In 1999 the Melissa virus (a Word macro virus) spread using Word's built-in macro language, using it to send e-mails to the user's contacts. Another virus during that time period (in the year 2000) spread very rapidly by using e-mail as a vector. This was the ILOVEYOU virus. Users would soon have to learn that even mail sent from friends couldn't be trusted.

As Internet access became more and more widespread, and the bandwidth of Internet connections increased, the ability of viruses to spread faster than any human disease became the norm. In 2001 the Nimda virus used multiple methods of infection, and was one of the most rapidly spreading viruses ever seen. It also infected more systems than possibly seen before. Total infection counts are always estimates, however.

As Web sites proliferated they also became more sophisticated and often used for online commerce. This required databases, and on Microsoft server systems the common database was and is Ms. SQL Server. The SQL programming language became a vector for virus infection by SQL code injection. Desktop computers often held a small simple version of the SQL core, and this too could be infected. Viruses such as SQL Slammer in 2003 spread rapidly and were notable for their tiny size, composed of SQL code.

Recently, (in 2008) there was much news and hype about the Conficker Worm. It didn't turn out to be as bad as expected regarding its planned attack from infected systems on a particular date due to the preparations of ISPs. See my articles on the Conficker worm and how to protect against it to learn more.

If we don't learn from the past we are doomed to repeat it, so the saying goes. This is definitely true with computer viruses of all types. For more information, check out my articles on how computer viruses are made, how they spread, what computer worms are, how to protect against computer worms, the differences between worms and viruses, and what trojan horses are.