Computer Virus Turns 40; What's To Come?


The computer virus has reached a new milestone: Its 40th birthday.

And the evolution from the crude Creeper virus on 1971 to last year's Stuxnet virus, which could very well have marked the first shot fired in a growing cyberwar, was fast and furious, according to Guillaume Lovet, the head of Fortinet's FortiGuard security research team.

Unlucky 13: The Most Significant Viruses Of The Last 40 Years

"What changed the most in 40 years is the sheer amount, the volume, of viruses," Lovet said, noting that in 1990 there were 1,300 viruses; by 2000 there were 50,000; and by 2010 there were more than 200 million computer viruses out there wreaking havoc on systems.

Lovet points the increased use in personal computers and the democratization of Internet access as fueling the computer virus flame. The increased usage of DSL and high-speed Internet connections also pushed the virus volume to present day levels.

Over the years, Lovet said, the motive of a virus evolved from a "hobby and an annoyance" to a multi-billion dollar criminal enterprise where some virus writers can make millions.

Take the first computer virus, Creeper, which was launched in a lab using an early ancestor of the Internet. Creeper transferred to networked computers and displayed the message "I'm the creeper, catch me if you can!" It took 11 more years for a virus that infected a machine outside of a lab. In that case, 1982's Elk Cloner, the virus was spread via floppy disk and displayed a harmless poem on infected machines.

According to Lovet, it was not until 1999's Melissa virus that someone realized money could be made off of computer viruses. Melissa propagated via Microsoft Word documents and mailed itself to the Outlook contacts of the contaminated users. But a Melissa copycat used the Melissa virus code to encrypt infected files. Once encrypted, the virus writer would ask for $100 to be wired to an off-shore account in order for the files to be decrypted. Lovet said that Melissa copycat sparked the era of ransomware.

The true computer virus tipping point started in 2005, Lovet said, with the MyTob virus, which first introduced botnets and viruses designed for criminal gain. MyTob was a mass-mailed worm that includes its own SMTP engine to spread itself to other PCs after hijacking addresses from an infected system. It also included a backdoor component which let hackers send additional commands and/or files to the compromised computer to turn it into a spam-spewing zombie, or to load spyware for snapping up usernames and passwords.

Then 2008's Koobface virus made an appearance, marking the first true virus to target social networks.

And now, with Stuxnet targeting nuclear plants, Lovet said the virus landscape is changing dramatically. Stuxnet first emerged on the public radar in September 2010 when researchers found traces of code on Siemens industrial software systems that operate Iran's Bushehr nuclear reactor.

"The thing is, after cybercriminals started to use viruses to make money, they realized they could use it for spying and political gain," he said.

And while it's difficult to predict exactly where the virus landscape will go, Lovet said mobility will likely play a strong role.

"It's very difficult to foresee the evolution of viruses," he said. "Five years ago we were expecting to see botnets over mobile phones and that took five years to happen."

But with the number of smartphones eclipsing the number of PCs, and smartphones having integrated systems and methods for payment, Lovet said he sees the smartphone as the next big thing for virus writers.

"The next big target for cybercriminals is going to be smartphones," he said, adding that unlike PCs, smartphones are carried by the owner constantly and have cameras, microphones and GPS systems that could make them a 24-by-7 spy tool for a malicious code writer.