The Evolution of Computer Viruses

The History of Viruses

There shouldn’t be a single person out there who doesn’t get a slight shiver down their spine when they hear the word “computer virus.” It conjures up images of nasty malware deleting your work and photos, stealing your information and putting anything else it can find online.

But just how did we get here? Viruses have had a surprisingly long history, and some fairly interesting developments along the way. Just how have they changed since the beginning?

The First Viruses

Computer viruses actually had a fairly simple start. Considering the behemoth that they are today, you’d be shocked to see what people were working with 40 years ago.

This is one of those categories that you have to split, since there were two cases for original viruses. The first true virus was the Creeper virus, which was released back on ARPANET in 1971. It wasn’t exactly a terror. For the most part it just spread itself and put the message “I’m the creeper: catch me if you can” onto infected machines. After a brief reign it was brought down by a counter-virus called the Reaper[1]. But this was all on a small network, comprised mainly of academics.

Other people would count the first virus as a program made by Rich Skrenta. It was also a fairly simple program. Rich liked to slip small messages and taunts into games that he copied for his friends, but he decided to step it up a notch for the Elk Cloner virus. This little program infected a floppy disk. After that, on each 50th boot up of the computer, a weird poem would appear on the screen, reading out:

Elk Cloner: The program with a personality

It will get on all your disks/It will infiltrate your chips/Yes, it’s Cloner!/It will stick to you like glue/It will modify RAM too/Send in the Cloner!

A simple prank would prove to be one of the first shots in a digital war [2].

The Evolutionary Path

Viruses have obviously come a long way since then. One interesting thing to note is the change in medium. Those original harmless viruses, and the malicious ones that followed, relied heavily on infecting a medium. Viruses moved from computer to computer by adding themselves to floppy disks and hitching a ride to a new station. This would stay a popular method of transfer up until the early 2000s, when exploits over the Internet became popular.

It didn’t take long for things to get slightly more advanced. Viruses soon began to infect Word documents and Excel spreadsheets through exploits, which made it far easier for viruses to conceal themselves. It also didn’t take long for email to get in on the action. Microsoft Outlook was a popular target for new malware.

A popular choice was to send an infected attachment in the body of an email. Once it was opened, it would infect the computer and look at the current contact list in Outlook. Common practice was to pick off the email addresses of the top 50 contacts and then use the infected account to send out more of the infected emails. Since it would look like a message from a friend, the chance of opening the attachment was higher. This process could then continue and infect large numbers of machines. Major viruses like the Melissa virus [3] and the Love Letter virus [4] used this format.
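
The pattern described above, one account sending the same attachment to around 50 contacts in quick succession, is also what makes this kind of mailer visible at a mail gateway. The Python below is an added example, not code from the original article; the log record layout, the addresses and the attachment labels are constructed assumptions, and the threshold of 50 is taken from the paragraph above.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def find_mass_mailers(events, min_recipients=50, window=timedelta(minutes=10)):
    """Flag (sender, attachment) pairs that reach many recipients in a burst.

    events: iterable of (timestamp, sender, recipient, attachment_id) tuples,
    a hypothetical layout for outbound mail-gateway log records.
    Returns {(sender, attachment_id): peak distinct recipients in any window}.
    """
    by_key = defaultdict(list)
    for ts, sender, recipient, attachment in events:
        by_key[(sender, attachment)].append((ts, recipient))

    flagged = {}
    for key, sends in by_key.items():
        sends.sort()
        start = 0
        in_window = defaultdict(int)  # recipient -> sends inside the window
        peak = 0
        for ts, recipient in sends:
            in_window[recipient] += 1
            # Drop sends from the left until the window spans at most `window`.
            while ts - sends[start][0] > window:
                old = sends[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            peak = max(peak, len(in_window))
        if peak >= min_recipients:
            flagged[key] = peak
    return flagged

def sample_events():
    """Constructed sample log: one burst, one ordinary sender, one slow sender."""
    t0 = datetime(2024, 1, 1, 9, 0, 0)
    burst = [(t0 + timedelta(seconds=i), "alice@example.com",
              f"contact{i}@example.com", "attachment-A") for i in range(50)]
    normal = [(t0 + timedelta(hours=i), "bob@example.com",
               f"peer{i}@example.com", "attachment-B") for i in range(5)]
    # Same attachment to 50 people, but one per hour: not a burst.
    slow = [(t0 + timedelta(hours=i), "carol@example.com",
             f"client{i}@example.com", "attachment-C") for i in range(50)]
    return burst + normal + slow

if __name__ == "__main__":
    print(find_mass_mailers(sample_events()))
```

Keying on the attachment as well as the sender keeps a legitimate newsletter or a busy user with varied mail from tripping the same rule as a single file fanned out to an address book.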

The closest thing to a true advancement would be a little variety. Malware programs began to take advantage of new technologies, like cross-site scripting, to run their programs on otherwise safe websites. The ultimate goal was for a virus to be able to infect a user by simply getting them to load a script. Infected advertisements and hacked websites became a real factor for security-conscious people.

The old tricks seemed to stay fairly popular though. Each of these is still a threat in its own way, usually toward achieving a few objectives. Some are merely pet projects, existing for the sake of existing. The latest batch has mainly been made to seek a profit though.

Common trends are quite varied. Some stick to simple identity theft, often by recording passwords for later use or sale by the criminal. Others seek direct extortion, by using pop-ups and other tricks to convince the user to pay for a fake virus cleaner or registry repair tool. Search redirect viruses will route your Google services through other search engines to lead you to infected sites. The last group seeks to capture the actual power of the system itself, by adding computers to large botnets which can be used to send out spam or carry out other illegal actions.

The Cutting Edge

The real question, of course, is: what are the latest developments? The most interesting virus that has shown real effects is the Stuxnet infection, which may be the first real and clear case of cyberwarfare. The Stuxnet worm is special, in that it doesn’t target consumer machines (although it will infect them and do nothing). The virus targets Siemens industrial control software. It’s able to get onto these secure machines by infecting USB drives. Once it’s on a system, it monitors temperatures and interferes with normal operations by turning motors and cooling systems on and off. The malware is incredibly complex, and it appears that it was made using the resources of a powerful country with government support.

Speculation is fairly rampant as to the true target. The consensus seems to be that it was made to directly impair the Iranian nuclear program. It’s believed that the uranium enrichment sites used Siemens equipment that had been smuggled into the country. Nearly 60% of Stuxnet infected machines were reported to be in Iran, which is abnormally high. I’ll leave it to you to put together who would have an interest in stopping Iran from enriching uranium [5].

It also appears that there’s a new variant out, called Duqu. Just a few weeks back, on October 19th, Symantec noted that the new virus appears to use significant portions of the Stuxnet code. Its targets and motives are unclear as of the writing of this article [6].

Malware and viruses have gone through a lot over the past few decades. New exploits come and go, but the heart of it is always the same. The programs continue to escalate in power, and some very powerful contenders appear to have entered the field.