In today’s world, most personal information is housed on a computer or in some online space. As this volume of data increases, so does a hacker’s incentive to steal it. Cyber threats are ever-present, and for this reason cyber security is an important topic to discuss.
Between 2004 and 2013, over 1 billion records of personal information were stolen or leaked.
Over the years, thousands upon thousands of viruses have spread online, causing billions of dollars in damage from lost productivity, wasted resources, and broken machines.
What is Malware?
Malware, which is short for malicious software, is an umbrella term that refers to a variety of harmful or intrusive software, including computer viruses, worms, Trojan horses, ransomware, and other malicious programs. These programs are created by hackers who may want to use your computer to attack other targets, to make money by stealing your personal information, or to simply troll the internet. Different types of malware can affect Windows, Mac, and Linux computers, and the data servers that keep companies and the internet itself running. Here are a few good terms to know:
- Computer viruses: Any kind of code that is designed to do harm and spread itself to more computers. Viruses almost always corrupt or modify files on a targeted computer.
- Worms: A standalone program that replicates itself in order to spread to other computers. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth.
- Trojan horses: Think of the story of how the Greeks concealed themselves in order to enter Troy. A Trojan horse is any malicious computer program that misleads users about its true intent. Using social engineering, a Trojan horse gains a user’s trust by acting reputable and then coaxes the user into performing actions or divulging confidential information. Unlike computer viruses and worms, Trojans generally do not attempt to inject themselves into other files or otherwise propagate themselves.
- Ransomware: A form of blackmail in which a hacker steals or threatens to destroy your computer assets until you pay a release fee of anywhere from $400-$1000.
- Drive-by download: When a user visits a web page and a malicious program downloads in the background.
Historical Malware Attacks
A few cyber attacks have become well known for either their place in time, their pervasiveness, their destruction, or a combination of all three. Here are the ones I found most interesting.
Creeper & Reaper, 1971
For the most part, malware in the 70’s, 80’s, and 90’s was more annoying than harmful. The history of cyber security began with a research project led by Bob Thomas. Bob realized that it was possible for a computer program to move across a network, leaving a small trail wherever it went. In 1971, he designed Creeper, a program that traveled between Tenex terminals on the early ARPANET, printing the message “I’M THE CREEPER: CATCH ME IF YOU CAN.” A man named Ray Tomlinson saw this idea and liked it. He tinkered with the program and made it self-replicating—the first computer worm. He then wrote Reaper, the first antivirus software—which would chase Creeper and delete it.
The Morris Worm, 1988
The next monumental event in the world of cyber threats came from a man named Robert Morris. In 1988, Robert wanted to gauge the size of the internet. To do this, he wrote a program designed to propagate across networks, infiltrate Unix terminals using a known bug, and then copy itself. The Morris worm replicated so aggressively that the early internet slowed to a crawl, causing untold damage.
The Melissa Virus, 1999
Cue the rise of phishing: the fraudulent practice of sending emails designed to look reputable in order to induce individuals to reveal personal information. When the Melissa Virus was rampant, a person would receive an email with the subject “Important Message.” The email read “Here is that document you asked for … don’t show anyone else ;)” and included a single attachment. When the user opened the Word doc, their computer would automatically open a multitude of porn sites and send the email out to 50 of the user’s contacts from their address.
Effects: In just a few days, Melissa spread to hundreds of thousands of computers through Microsoft’s Outlook email program, but did not inflict damage on the computers themselves. Email services, however, were significantly slowed down, and this virus cost companies about $80 million overall.
ILOVEYOU Virus, 2000
Similar to Melissa, this email virus was very successful because it leveraged social engineering; it was designed to make people curious enough to open the attachment. The infected email contained the subject line “ILOVEYOU” and came with an attachment titled “love-letter-for-you.txt”. When opened, the virus wiped all local computer files, overwriting everything with copies of itself. Meanwhile, the virus would send itself to everyone in your address book.
Effects: Reached 45 million computers in just two days and caused $10 billion in damage.
Slammer was a worm that targeted servers that store databases using Microsoft SQL Server. The worm took advantage of a bug in the software: it sent the server a specially formatted piece of code that appeared to be an ordinary request for information, but actually reprogrammed the server to send out more copies of itself. These servers would then send requests to thousands of other servers, which could not handle all the traffic.
Effects: Slammer was extremely pervasive and infected 75,000 servers in just 10 minutes. Millions of servers were affected by this worm, and Slammer caused the internet to slow down to an unusable speed, if not crash, for users all over the world. It is believed that Slammer caused about $1.2 billion of damage.
The main goal of Mebroot was to hook the user’s computer up to a botnet called Torpig. Mebroot enters a user’s computer via a drive-by download, and from there it overwrites what is known as the Master Boot Record, the part of your computer’s storage that holds the instructions telling your computer how to start up. This allowed Mebroot to instruct the computer to connect to Torpig, which then steals all of your information. Torpig uses a spying technique known as Man-in-the-Browser: it lurks in the user’s browser, logging activity and any private information entered.
Effects: By late 2008, Torpig had stolen information connected to 500,000 bank accounts.
ZeroAccess Botnet, 2013
A botnet similar to Torpig, the ZeroAccess botnet spread through a variety of channels, but most commonly via drive-by download. Once infected, a user’s computer would earn the hacker revenue through bitcoin mining and click fraud.
Effects: Known as one of the largest botnets in history, ZeroAccess affected over 1.9 million computers.
WannaCry Ransomware, 2017
WannaCry is a ransomware worm that spread rapidly across a number of computer networks by exploiting a vulnerability in Windows. Once launched, the worm attempts to access a hard-coded URL (the so-called kill switch), and if it can’t, it proceeds to search for and encrypt files, leaving them inaccessible to the user. WannaCry then displays a ransom notice, demanding $300 in Bitcoin to decrypt the files.
Effects: Though its lifetime was only 4 days, WannaCry claimed over 200,000 victims and infected more than 300,000 computers. According to one modeling source, economic losses from this cyber attack may have reached up to $4 billion.
If you are feeling uneasy about your computer security after reading this blog, rest assured, there are measures you can take to reduce cyber threats. Install anti-virus programs, do not click on suspicious emails or links, and keep your operating systems and computer programs updated with the latest security patches. Computer security comes from consumer diligence, and reading this post was a great way to start this effort! Thanks for making it to the end 🙂