A quarter century of tech bugs
The first one was a prank. Now, viruses want your wallet.
In 1982, the only computer virus people had to worry about was something of a poet. Once the mischievous code lodged itself into an Apple II computer, the virus spouted verse:
"It will get on all your disks/ It will infiltrate your chips/ Yes it's Cloner!" the bardic virus displayed on screens every 50th time the machine started up. "It will stick to you like glue/ It will modify RAM too/ Send in the Cloner!"
If only today's computer viruses were so benign.
Twenty-five years later, the worms, bots, and other "malware" that sneak onto computers are far more than mere annoyances. They swindle users, overwhelm networks, and cause billions of dollars in damage each year.
Such a future was unimaginable to Richard Skrenta when he programmed that first virus back in 1982. He was 15 at the time. Calling his code the "Elk Cloner" – after the elk head trophy that hung in his father's study – the ninth-grader released the program as a practical joke.
The code infected operating systems, then spread to floppy disks, then contaminated other operating systems, and copied itself to other floppies.
It infected his friend's computers, as intended. But before long, the poem popped up on his math teacher's computer, and later on the computers of complete strangers.
"I realized that it would spread, but my imagination didn't picture it spreading all around the world," says Mr. Skrenta, who last month stepped down as CEO of the social networking site Topix.net to pursue other start-ups. He seems to get a kick out of reporters still asking questions about his little prank 25 years later.
"What you have to remember is that there were no laws against this kind of thing," he says. "The idea of the evil hacker didn't even exist at the time."
But as more programmers thought up wicked malware, media attention followed.
There was the infamous "Morris worm" that wiggled through the nascent Internet in 1988. Programmed by a Cornell University student, the worm clogged systems across the country and cost researchers up to $10 million in lost time as they weeded out the self-replicating code.
Then came the "Michelangelo virus," a ticking-bomb program that threatened to erase thousands of hard drives simultaneously on March 6, 1992. Like the Y2K bug that followed, however, Michelangelo scared more people than it hurt.
These early codes and the scores that came in between had a much different goal than today's crop of malware. They were designed to vandalize, earn bragging rights, and tinker with new technology. It was a time of hobbyists, says Zulfikar Ramzan, a senior principal researcher at the computer security firm Symantec in Cupertino, Calif.
But around 2001, the trend shifted. Amateur-made viruses gave way to a new breed – one that was more evolved, relied on stealth, and targeted your wallet.
New schemes, new virus vocabulary
So what changed? For one, a growing number of Americans started to use the Internet for banking, shopping, and advertising. Once real money started flying through cyberspace, hackers began to devise nefarious business plans.
"It used to be that most of the new malware we discovered appeared during nights and weekends – when hobbyists would have time to work on them," Mr. Ramzan says. "Nowadays, the virus writers are more active during office hours."
Hackers no longer want to share poetry or wipe your hard drive clean. After all, if a virus erases disks, it erases itself – and the opportunity to take advantage of unsuspecting computer users would be lost.
Now viruses can infect computers and the user might never know. Digital beasties such as "rootkits" burrow deep into operating systems. "Spyware" lurks behind the scenes, quietly sending passwords or other data to hackers. "Bots" can even allow hackers to take over systems. Once "bot herders" lasso enough computers, they can order thousands of hijacked machines to stampede networks, overwhelming websites and possibly blackmailing the companies that run them.
Bots in particular are hard to track down because they are often international in scope, says Dave Marcus, security research and communications manager for McAfee's antivirus lab in Santa Clara, Calif. A herder can operate in Romania, commandeer a computer in China, and then attack a network in the United States.
In fact, he says, 80 to 90 percent of all spam comes from infected machines.
Another major change from the hobbyist phase to today's era of full-time criminal coders: sheer volume.
In 2002, McAfee's antivirus team found 100 new malware designs each week, says Mr. Marcus. Now, the Internet snoopers discover 125 to 175 new codes every day.
Hackers caused $13.3 billion in damages last year, according to a report released last month by Computer Economics, a digital research firm in Irvine, Calif. But thanks to wider adoption of security software, that number is down from $17.5 billion in 2004.
One challenge in fighting malware is that current antivirus measures are still largely reactive. Once a company spots a problem, it can take days or weeks to plug the hole – plenty of time for viruses to slip in.
Of course, the biggest problem is not the computer's defenses, it's the people using the machines, says Richard Ford, director of the Center for Security Science at the Florida Institute of Technology in Melbourne, Fla.
"Humans are always going to be the weakest link," he says. "If a hacker can convince you to download a malicious file or, better yet, trick you into deleting good files, then it doesn't matter what precautions you have in place."
A future threat: cellphone viruses
Antivirus experts agree that it's just a matter of time before cellphone viruses reach US shores. They already exist in England and Japan, where mobile phones play a bigger role in everyday life.
"One thing protecting Americans now is that there is no dominant cellphone standard," unlike on computers, where Microsoft Windows enjoys a 90 percent market share, says Ramzan. However, "I wouldn't be surprised if something came up soon to attack the BlackBerry."
Earlier this week, a team of security advocates claimed to have cracked Apple's month-old iPhone, allowing hackers to swipe personal information from users.
The development is a sign that computer viruses will stalk networks long after this silver anniversary fades.
"Fifty years from now we'll still be plugging away," says McAfee's Marcus. "But let me say this: We're at the front lines of this fight, and even though there is so much that we deal with, even we don't think it's doomsday."