Start » Learning Center » Blog » The history of malware

The history of malware

The history of malware goes back further than most might think. During the decades, malware has taken different shapes and targeted different things. We have listed some of the most significant ones in history so far!


Malware in the 70’s

The history of malware starts in the early 1970’s with a worm called “Creeper”. A worm is a program that spreads to other computers by copying itself, often using a network, and this is exactly what Creeper did. It spread between different computers using ARPANET, a network that connected different universities and research facilities in the United States. In fact, ARPANET is in many ways the predecessor to the Internet. Creeper copied itself from one computer to the next, after which it erased itself from the first computer enabling it to “move” between systems. Later in 1972, “Reaper” was created with the purpose to hunt and erase Creeper, also using ARPANET. Creeper was created to see if it was possible for a program to replicate itself to other systems and did not cause any damage except for displaying the message “I’M THE CREEPER. CATCH ME IF YOU CAN!”.


The history of malware


Malware targeting Windows

The experimental spirit of malware also dominated the early 1990’s. However, now with viruses using e-mail as infection vector and Windows as the primary target. Polymorphic viruses with the ability to permute with each replication and thereby circumventing signature-based anti-virus software started to appear. Also, platform independent macro viruses that infected mainly Word documents taught Windows users to disable macros in MS Office. Still, malware makers during this time were typically young men acting alone, some with the purpose to cause damage to the infected systems, but also very much driven by curiosity.

Around the turn of the millennium, the two mass e-mailers Happy99 and Melissa showed how fast malware can spread by e-mail. Melissa was at the time the fastest spreading worm and caused overloads on e-mail servers at more than 300 corporations and government agencies. Apart from causing nuisance for many people, Melissa also caused an estimated $80 million damage for the clean-up and repair of affected computer systems, which is not a negligible monetary cost. The Love Letter worm in 2000 also propagated using e-mail and had an ingredient of social engineering. The temptation to open an e-mail with the subject “I love you” became too much for many of us allowing the malicious Visual Basic Script attachment to infect tons of computers only hours after its release.




The emerge of ransomware

One of the first ransomware attacks was the PC Cyborg Virus that spread over floppy disks in the late 1980’s. Victims were supposed to send $189 to a post office box in Panama to be able to restore the system. But it was not until the beginning of the 2000’s that ransomware became mainstream, and this has unfortunately developed into a lucrative business driven by criminal groups with the purpose to make money. Around 2010, the birth of bitcoin and crypto currencies certainly spurred this development by solving the issue of receiving payment anonymously and untraceably. The makers of malware are no longer just young men with programming skills acting alone, but criminal groups organised similar to mature cooperations with experts within the different areas and administrative functions such as HR, Finance and Management.


Malware as a cyber weapon

Apart from the explosion of ransomware (CryptoLocker, Petya, WannaCry, etc.), the 2010’s started with the first real example of how malware can be used as a cyber weapon. The Stuxnet worm infected industrial control systems controlling fast-spinning centrifuges used for separating nuclear material as part of Iran’s nuclear program. Malware such as Industroyer and Industroyer2 continued later that decade on the theme of attacking control systems, this time targeting the power grid of Ukraine. The shifting or broadening focus towards industrial controls systems and critical infrastructure is a worrying development as we take the step into the 2020’s.

Looking towards the future, it is unfortunate to conclude that the cat-and-mouse game of malware and anti-malware industries will continue. The fast development of Artificial Intelligence and Machine Learning will benefit both sides, but who will benefit the most? Vulnerable “smart devices” with complex software consisting of millions of lines of code are hooked up to the internet at an alarming speed without the manufacturers taking enough responsibility for the security of these devices. It is safe to say that attacks will continue to move from targeting laptops to building automation systems, industrial control systems, cars, smart meters, smart sensors and other types of Internet of Insecure Things.

Need help securing your networks? Do not hesitate to contact us!


Related articles