Development of cybercrime – how it started?

The term “computer virus” is now familiar to most people in the world, including children. It is usually associated with something destructive to the hardware, data and services we all rely on. Computer viruses, like their biological counterparts, also replicate and can be transmitted from one host to another, causing problems ranging from annoying to destructive.

The 50th anniversary of the first malicious code was recently celebrated, which is an opportunity to present the most significant in the history of viruses, worms and other threats – from the pre-internet days to the current world of botnets and ransomware. Below is an overview compiled by experts from Fortinet.

1971: The first proof of the possibility of creating a virus – Before there was the internet, there was the ARPANET (Advanced Research Projects Agency Network) in the US, which was launched in 1967. as an attempt to connect remote computers. The first computers were connected in 1969. Just two years later, engineer Bob Thomas of the U.S. research and development company BBN, based on a nearly 30-year-old concept by German mathematician John von Neumann, created a virus called “The Creeper”. It spread by means of a network protocol between computers connected to the ARPANET network. Its purpose was not to act with malicious intent, but to see if the message encoded in it “I’m the creeper, catch me if you can!” (I am a creeper, catch me if you can!) would be able to replicate itself between network devices. The target was reached.

1982: The first virus for Mac computers – Contrary to popular belief that there are no viruses on Apple hardware, it was in this environment that the first digital pests attacking personal computers debuted. The first virus found “in the wild” was “Elk Cloner”, developed for the Apple II computers – it was placed in the boot sector of a floppy disk, from where it copied itself into the computer’s memory, and from there spontaneously to other, clean media. Its author was a 15-year-old boy who wrote such programs to play tricks on his friends. On the fiftieth boot, Elk Cloner displayed a funny poem to the user.

1986: The first PC virus – “Brain” changed the world of information security forever. It originated in Pakistan, but quickly spread around the world, to Europe and North America. It was developed by brothers Amjad Farooq Alvi and Basit Farooq Alvi, authors of medical software. They created a virus that loads a warning for people using pirated copies of it. Because there was no Internet at the time, the virus spread through human interaction, by copying floppy disks. This virus did not destroy data, but it prevented the computer from booting and displayed a notification containing m.in. the phone number of the Farooq Alvi brothers, who should have been contacted to fix the problem. They claim that they wanted affected individuals to call them to discuss how to obtain their software legally. Their brilliant plan proved so effective that they were inundated with calls from all over the world.

1988: Morris Worm – It is named after its author, Robert Morris. This worm was not malicious and was created as a proof-of-concept that replication of code without user intervention was possible (distinguishing it from a virus that requires human “support”). Morris feared that system administrators would quarantine the worm and ignore the infection. So he programmed it to be permanent. However, there was no way to stop the self-replication process, so the worm caused a heavy load on devices, making them inoperable, and also caused a Denial-of-Service (DoS) in networks, spreading from machine to machine.Because of this, Robert Morris became the first person convicted under the Computer Fraud and Abuse Act. However, he later became a successful entrepreneur and got a position at the Massachusetts Institute of Technology (MIT).

1989: The world’s first ransomware – AIDS becomes the first ransomware observed worldwide. It was sent by physical mail (!) to researchers of the then rapidly spreading worldwide AIDS virus via 20,000. Infected floppy disks that contained an AIDS questionnaire. However, on the 90th reboot, the floppy changed the file names to encrypted strings and hid them from the user. The screen then displayed a request to pay a post office box in Panama $189 for a one-year “security guarantee” or $385 for a lifetime one. Only bank checks, cashier’s checks, or money orders were accepted.

1992: Michelangelo – The virus, dedicated to Michelangelo, programmed a “time bomb,” an instruction that would activate on March 6, his birthday. Its purpose was to destroy the boot sector of drives, making it impossible to access data or boot up at all. The virus, like its predecessors, spread via floppy disks. It was detected a few weeks before March 6, which helped to publicize its destructive nature – the first case of the virus to receive so much attention in the mainstream media, which helped to boost antivirus software sales worldwide. There were then many warnings for users to leave their computers turned off on that day or to change the date on their machines a day ahead to avoid the threat.

1994-95: The first phishing attacks – As the Internet became more widespread in the United States, with the launch of services such as America Online (AOL), CompuServe, and Prodigy, fraud and phishing increased. Because the accounts providing Internet access were paid and relatively expensive at the time, many people were interested in stealing credentials. Communication sites dedicated to illegal software began to trade applications used to disconnect users from the Internet, steal their account data, and generate random credit card numbers. One of the most famous programs was AOHell (a play on words referring to AOL’s name), which included an account creator that used randomly created credit card numbers to provide a way to open an account for free for a month.

The AOHell application also contained one of the first phishing mechanisms. Automated bots sent mass messages asking to verify account credentials, claiming, for example. there was a problem with the accounts. To continue talking to the bot, the victim had to “verify their identity” by providing a username and password. This information was then harvested by the creators of AOHell and used or sold to gain free account access and send spam.