ISA 662 Information System Security 20 Years Of

ISA 662 Information System Security 20 Years Of PC Viruses 1

A Brief History Of Viral Time n n 1982 --- Elk Cloner, widely credited with being the first virus to appear "in the wild" (outside a lab), infects Apple II machines. 1983 ---The term "computer virus" is coined by Fred Cohen, an early virus researcher. He will later formally define the term in his dissertation as "a program that can 'infect' other programs by modifying them to include a possibly evolved version of itself. " 2

A Brief History Of Viral Time n n (continued) 1986 --- Brain. The Brain boot sector virus bursts forth on the scene, spreading upon reboot via a floppy disk left in the A: drive. In addition to being the first PC virus, it's the first stealth virus -- infected disks appear to have uninfected boot sectors. 1987 --- Lehigh. The Lehigh virus is discovered at Lehigh University. It's a memory-resident virus and the first to infect an executable file, COMMAND. COM. 3

A Brief History Of Viral Time n n (continued) 1988 ---First widespread Macintosh viruses, Mac. Mag and Scores, show up. 1989 ---The Dark Avenger / Eddie virus is the first of the antiviruses. It looks for AV programs written by Vessilen Bontchev, a prolific and well-known antivirus programmer, and tries to remove them. 4

A Brief History Of Viral Time n n (continued) 1990 ---Many different antivirus programs, including Wolfgang Stiller's Integrity Master, Pam Kane's Panda Anti-Virus, and Ray Glath's Vi-Spy appear on the market, with what appears to be open warfare between antivirus programmers and virus writers. 1991 ---The Tequila virus appears -- a stealth, multipartite, polymorphic, armored, variable encryption (in which each generation of infection is encrypted with a different key) virus. 5

A Brief History Of Viral Time n n (continued) 1992 ---The Michelangelo virus, apparently derived from the Stoned virus and able to infect all diskette formats, becomes widespread -- though not nearly as widespread as hysterical media reports had predicted 1993 ---Satanbug / Little Loc / Natas appear. Different strains of the same virus, they are very polymorphic. Satanbug has some serious anti-AV code in it: One strain checks for the presence of any of four AV products and destroys any disk on which they appear. 6

A Brief History Of Viral Time n n (continued) 1994 ---The relatively harmless KAOS 4 virus appears in a file on a pornographic newsgroup and quickly spreads around the globe via COMSPEC/PATH environmental variables. This is the first virus to use such environmental variables to locate the directories where potential targets reside. 1995 ---The first of the macro viruses appear, written specifically for new environments created by applications with their own programming language, such as Microsoft's Word, Excel, and Access. 7

A Brief History Of Viral Time n n (continued) 1996 ---The Laroux / Excel macro viruses replicate widely under Microsoft's new Visual Basic for Applications (VBA) macro environment; however, they carry no destructive payload. 1998 --- A virus that works and spreads under Java, called Strange. Brew, is found. A concept virus, it has no destructive payload. 8

A Brief History Of Viral Time n n (continued) 1999 ---The devastating Melissa Word 97 macro virus breaks out, the fastest-spreading virus to date. Named after a stripper the virus author favors, it is the first of the mass-mailer viruses. 2000 --- ILOVE YOU and DDos Attacks 9

A Brief History Of Viral Time n n n (continued) 2001 ---Sircam, Code Red, Nimda and Bad Trans 2002 --- Melissa Author Sentenced Celebrity. Named Viruses, David L. Smith, the convicted author of the Melissa virus, is sentenced to 20 months in a federal prison 2003 ---SQL Slammer, Blaster, Sobig. F and Sober 10

A Brief History Of Viral Time (continued) n 2004 ---Bagle, My. Doom, Sasser, Witty and Santy n 2005 --- Zotob. It's an Internet Relay Chat-based worm, providing back doors to a remote IRC channel and seeking new targets by looking for unpatched Plug-n-Play modules. n 2006 ---Trojans, Bots. Microsoft announces that backdoor Trojans and bots are the biggest threat to PC users today. Of 5. 7 million PCs running Microsoft's Malicious Software Removal Tool (MSRT), 62 percent had at least one Trojan. 11