(1
votes, average: 5,00
out of 5)
Nothing does as much damage and harm to hard-won information as. All sorts of organizations, enterprises and reputable institutions can suffer from the blockage of their work. Unfortunately, despite constant improvement and updating of computer programs aimed at removing viruses and preventing their appearance, the damage caused by viruses is increasing. The numbers are approaching hundreds of millions of dollars annually.
What year did the first computer virus appear?
1983 year became a sad milestone in the countdown of the appearance of viruses in computer systems. The first who coined the term "computer virus" was American scientist Fred Cohen.
In his dissertation, the topic of which was the study of self-replicating computer programs, he used this expression for the first time. He also created experimentally a computer program that can be distributed in a computer network.
Who created the first computer virus
However, this is not the only version of the emergence of the virus. According to some, the enterprising owners of a computer store - the Amjal brothers from Pakistan - were the creators of the first virus. Forced to fight against illegal copying of programs written by them, they came to non-standard solution - wrote a small program and imperceptibly inserted it into the product. Those who tried to copy the program bought in the brothers' store invariably faced the active work of the first of its kind viral program.
Computer viruses today
How do they arise today? An amazing fact, but most of the viral programs that block the information system are invented and implemented by students of schools or universities who want to test and apply their strengths in practice. In such an unworthy way, they try to realize themselves.
No less serious are the exclusively hooligan motives for the spread of the virus on the Internet. Anger, low self-esteem, and sometimes just criminal stupidity prompts other teenagers or already mature enough young people to launch viruses.
However, among the creators of viruses, we find quite conscious researchers of the computer system, whose interest is to harm the anti-virus system, to make it inactive. Perhaps the results of the work of these programmers do not find a way out in the direct creation of a virus and its subsequent introduction; their sole purpose is a detailed examination and thorough investigation of the system as a whole. Yet the concern remains that these viral programs in the hands of people with an unbalanced psyche will cause irreparable harm to many computer systems.
Despite all efforts to neutralize virus carriers and facilitate the work of users, viruses penetrate deeper into the information space. Nevertheless, it is possible to prevent and eliminate viruses on condition that the computer user protects his system as much as possible, taking a serious and balanced approach to the choice of antivirus program designed to protect our computer systems.
Dr.Web is one of the first anti-viruses in history
Dr.Web would hardly have been created if the first viruses had not appeared before that, which, in turn, would not have appeared, had it not been for their environment - that is, computers and computer networks.
On the occasion of the birthday of Dr.Web antivirus, which we celebrate in April, we invite you to take a short excursion into history and remember the virus and antivirus "pioneers" who have left a bright mark on the fleeting and eventful computerization of our society. They were the first - in a variety of guises, with a variety of intentions, and often far ahead of their time!
Ideas were in the air ...
The idea of \u200b\u200bself-replicating programs was laid out by the "father" of the computer, John von Neumann. Materials of lectures on this topic, which he gave since 1949, were summarized by Neumann in the scientific work "Theory of Self-Reproducing Automatic Devices" more than 60 years ago - in 1951 year.
"Virus"
The emergence of the term "virus" in relation to computer program was inevitable. It's hard to say who used it first. It is believed that it was first used in the science fiction story of the writer and scientist Gregory Benford "The Man in Scars", published in 1970. By the way, the same story also mentions the program to combat the virus - "Vaccine"!
First viruses
AT 1961 The Darwin game was created, in which several programs called "organisms" were loaded into the computer's memory. Organisms of one species, created by one player, were supposed to destroy representatives of another species and seize living space.
AT 1971 year, the first program appeared that can be considered a virus in the modern sense - The Creeper. She did no harm, but only displayed a message on the screen:
I`M THE CREEPER: CATCH ME IF YOU CAN
But it already knew how to spread itself over the network, becoming the first network virus in history.
It also gave birth to the first antivirus - the Reaper program, which is essentially the same network virus. Reaper spread over the networks without showing itself in any way, and if it managed to find The Creeper on the computer, it erased it.
Viruses spread
And this is already serious
The first known real viruses are Virus 1,2,3 and Elk Cloner for the Apple II PC - the very future "poppy", viruses for which supposedly do not exist. Both viruses appeared in 1981 year.
First epidemic
By the mid-1980s, IBM PCs became widespread, which became one of the reasons for the emergence of virus outbreaks.
The first epidemic computer viruses can be considered what happened in 1987 year, an epidemic of a fairly harmless virus Brain, which during the year of its existence has affected many computers around the world, although it was originally created to determine the level of computer piracy in Pakistan.
Research begins
In his thesis on the topic "Self-replicating programs", prepared by a student of the University of Dortmund Jurgen Kraus in 1980 year, along with theoretical calculations, self-replicating programs for the Siemens computer that actually existed at that time were also listed. It was in this work that a parallel was first drawn between a living cell and a self-replicating computer program.
A clear definition of the term "computer virus" was given in 1983 Fred Cohen, then a graduate student at the University of Southern California:
“We define a computer virus as a program that can“ infect ”another by injecting a copy of itself into it. An infection can spread through a computer or a network ... Every infected program can behave like a virus, so that the infection spreads. "
Fred Cohen, Computer Viruses, Theory and Experiments
Shortly before Dr.Web
AT 1988 year, the first version of the domestic anti-virus Aidstest was developed. The author of this legendary program is D.N. Lozinsky. It was used on almost all personal computers in the USSR, and then in the CIS countries, remaining out of competition for many years. Lozinsky's development helped many users, in particular in the government and commercial sectors, to cope with the viral problem at the initial stage of its appearance. Today D.N. Lozinsky is the Deputy General Director of Doctor Web.
Dmitry Nikolaevich Lozinsky is one of those who determined the development of domestic programming and stood at the origins of the first Russian anti-virus solutions.
In the USSR, at the origins of computer virology (since 1989 years) was N.N. Bezrukov. His seminar "System Programming" and the electronic bulletin "Softpanorama" were largely devoted to the issues of computer virology. It featured the developers of the then domestic antivirus software, including D.N. Lozinsky.
Later N.N. Bezrukov wrote the fundamental work "Computer Virology", which was published in 1991 year and had a great influence on Igor Danilov.
The first version of Spider's Web
AT 1992 The first version of the Spider’s Web antivirus system was developed this year, which included a resident Spider watchdog and a doctor (scanner in modern terminology) Web.
It was Dr.Web who subsequently (in 1994 year) gave the whole family antivirus software Igor Danilov's name, which has become known all over the world - Dr.Web.
“There was a time - I was alone, and my workplace was in the basement. Now I have a whole team with me, we have a convenient office and branches in different countries of the world. "
Igor Danilov
Spider vs. Chameleons
In early 1990, the first polymorphic virus, Chameleon, appeared. Previously, the generally accepted way of identifying a specific virus was to extract a characteristic fixed part of its code (signature). Even viruses encrypted with a variable key could be identified by the decryption code. However, with the advent of polymorphic viruses, this became impossible. Such viruses use several methods to modify their code, so that different copies of the same virus do not have a single characteristic piece of code.
When "polymorphs" began to spread en masse, Dr.Web became the first program in the history of the antivirus industry capable of recognizing and curing computers from a variety of polymorphic viruses, including the most complex ones. It is this technological property of Dr.Web anti-virus that brought it the first international fame among professionals.
The first virus appeared at a time when the majority of the world's population considered computers to be science fiction. This happened in 1972, when the whole computer network from Airpanet ceased to function. On April 19, several thousand users experienced a device failure. On this day, any data transmission stopped, computers were out of order.
Reasons for the appearance of the first virus
This virus was the result of a routine prank by an information department student. The fellow student decided to create a program with which he wanted to make fun of his colleagues. He planned to make it so that it independently launched and was able to spread between individual computers. While creating this program, he did not even think about the consequences, namely the speed of the virus spread. He did not expect that the speed would be prohibitive, and the program itself had the ability to destroy useful information. It was the high speed of spread that gave the name to the "virus", as people compared its action to an epidemic.
The first virus that served to protect against illegal installation of programs was the development of Pakistani brothers involved in the development of licensed software. They deliberately supplied the program files with a virus that only appeared on the computer when an unlicensed copy of the program was installed. After the first launch of such a file, the virus spread throughout the computer and disrupted the operation of other programs.
The first antivirus
The appearance of the first viruses made it necessary to create an anti-virus program. The very first such development belonged to the Dialogue-Science company. Her antivirus was released on two floppy disks. Updates were released on the same media every week. The surprising fact was that when any virus was detected, the deletion did not occur. This required sending the results to a laboratory in Moscow. A medicine was already being developed here. It was this organization that subsequently organized the world famous
The emergence of the first computer viruses capable of appending themselves to files is associated with an incident that occurred in the first half of the 70s on the Univax 1108 system. The virus called "Pervading Animal" added itself to executable files - it did almost the same thing. that thousands of modern computer viruses.
It can be noted that in those days, significant events related to computer viruses occurred once every few years. Since the beginning of the 80s, computers have become more and more popular. More and more programs appear, global networks begin to develop. The result is the emergence of a large number of various "Trojan horses" - programs that, when run, cause any harm to the system. 1986 saw the first outbreak of the IBM-PC "Brain" virus. The virus infecting 360Kb of floppy disks spread across the world almost instantly. The reason for this "success" was, most likely, the unpreparedness of the computer society to face such a phenomenon as a computer virus.
In 1987 an event took place that popularized "computer viruses". The "Vienna" virus code is first published in Ralph Burger's book "Computer Viruses: A High Tech Desease". Immediately in 1987, several viruses appeared for the IBM-PC.
On Friday, May 13, 1988, several firms and universities in several countries of the world "got acquainted" with the "Jerusalem" virus - on that day, the virus destroyed files when they were launched. Along with several other viruses, the Jerusalem virus spread to thousands of computers without being noticed - anti-virus programs were not yet as widespread as they are today, and many users and even professionals did not yet believe in the existence of computer viruses. Less than half a year later, in November, a massive epidemic of the Morris network virus (also known as Internet Worm) infected more than 6,000 computer systems in the United States and practically paralyzed their work. Due to an error in the virus code, he unrestrictedly sent copies of himself to other computers on the network and, thus, completely took away its resources. The total damages from the Morris virus have been estimated at $ 96 million.
In 1992, the first VCL and PS-MPC virus designers appeared, which increased the already rather large stream of new viruses. At the end of this year, the first Windows virus infecting executable files of this operating system opened a new page of computer viruses.
In the future, the development of computer viruses resembles a summary from the battlefields. Virus writers are becoming more sophisticated, the number of antivirus programs is growing, but none of them fully protects. The "computer virus" syndrome appears in the computer society.
Law enforcement agencies are getting involved in the fight against viruses: in the summer of 1994, the author of the SMEG virus was arrested. Around the same time, in the same Great Britain, a whole group of virus writers called themselves ARCV (Assotiation for Really Cruel Viruses) was arrested. Some time later, another virus author was arrested in Norway.
August 1995 was one of the turning points in the history of viruses and antiviruses: the first virus for Microsoft Word ("Concept") was discovered. This is how the era of macro viruses began.
In 1998, the first polymorphic Windows32 viruses, "Win95. HPS" and "Win95. Marburg", appeared. The developers of anti-virus programs had to hastily adapt to the new conditions the methods of detecting polymorphic viruses, which had previously been designed only for DOS viruses.
The most notable in 1998 was the "Win95. CIH" virus epidemic, which became first widespread, then global, and then widespread - reports of infection of computer networks and home personal computers were in the hundreds, if not thousands. The beginning of the epidemic was registered in Taiwan, where an unknown person sent infected files to local Internet conferences.
Since the mid-90s, the global Internet has become the main source of viruses.
Since 1999, macro viruses have begun to gradually lose their dominance. This is due to many factors. First, users realized the dangers of simple doc and xls files. People have become more attentive, have learned to use the standard anti-virus protection mechanisms built into MS Office.
In 2000, very important changes are taking place in the world "viral arena". A new type of harmful codes is emerging - network worms. At the same time, a supervirus - "Chernobyl" appears. "Chernobyl" is an executable virus under Windows with the following features.
First, the infected file does not change its size compared to the original version. This effect is achieved due to the structure of Windows executable files: each exe-file is divided into sections aligned along strictly defined boundaries. As a result, there is almost always a small gap between the sections. Although such a structure leads to an increase in the space occupied by a file on disk, it can also significantly increase the operating system's performance with such a file. Chernobyl either writes its body into one such gap, or splits its code into pieces and copies each of them to the empty space between the borders. As a result, it is more difficult for antivirus to determine whether a file is infected or not, and even more difficult to cure an infected object.
Second, Chernobyl has become a pioneer among programs that can spoil hardware. Some microcircuits allow you to overwrite data stored in their mini ROM. This is what this virus does.
The year 2000 can still be called the year of "Love Letters". The "LoveLetter" virus, discovered on May 5, instantly spread around the world, affecting tens of millions of computers in virtually all corners of the planet. The causes of this global epidemic lie in the extremely high rate of spread. The virus sent copies of itself immediately after infecting the system to all email addresses found in the address book of Microsoft Outlook. Like the Melissa virus discovered in the spring of 1999, LoveLetter allegedly did this on behalf of the owner of the infected computer, which, of course, he did not even know about. The psychological aspect also played an important role in the spread of the virus: few people can resist not to read a love letter from their friend. This was the main focus of the virus development process. The scale of virus infections in the early 21st century is evidenced by the fact that in May alone, more than 40 million computers were attacked by the LoveLetter virus. Already in the first 5 days of the epidemic, the virus caused losses to the world economy in the amount of $ 6.7 billion.
Since 2000, network worms have completely dominated the viral arena of the world. Today, according to Kaspersky Lab, they account for 89.1% of all infections. The prevalence of network worms is traditionally dominated by email worms that use e-mail as the main transport for delivery to target computers.
In 2001, a new type of malicious code was discovered that can actively spread and work on infected computers without using files - "disembodied worms". In the process, such viruses exist exclusively in the system memory, and when transferred to other computers - in the form of special data packets.
This turn of events posed difficult challenges for the developers of anti-virus packages. Traditional technologies (antivirus scanner and monitor) have shown an inability to effectively counter the new threat, since their anti-malware algorithm is based precisely on intercepting file operations. The solution to the problem was a special anti-virus filter, which in the background checks all data packets arriving at the computer and removes "disembodied" worms. The global epidemic of the CodeRed network worm, which began on July 20, 2001, confirmed the effectiveness of the "incorporeal" technology. But the recent epidemic of the Helkern virus on January 25, 2003 was even more serious.