Since the inception of the World Wide Web in 1990, the internet has become a pillar of modern society. Unfortunately, some people just want to see the world burn, and our reliance on the internet is woefully exposed when someone decides to pick one of its many holes by inserting a deadly virus. Take a look through the worst computer viruses of all time, how many people were affected and why they were so damaging.
Few of the worst computer viruses occurred before the turn of the century, but Melissa is an early example of what damage can be done with such a simple email click-through worm.
Created by David L. Smith, Melissa looked like a harmless email from your friend on first view. Containing the message “Here is that document you asked for…don’t show anyone else. ;-)”, unsuspecting victims would click through to the document, and Melissa would be unleashed. The bug contained within the document was designed pass the email on to the top 50 contacts in that person’s Outlook address book.
The FBI estimated the costs of the virus to amount anywhere between $300-600 million, leading to an online manhunt to crack the culprit down. Smith was eventually caught, sentenced to 20 months in prison and fined $5000.
Named after a Miami-based prostitute, Melissa is an example of the damage that can be done from such a simple email attachment.
Jumping back into the current millennium, Code Red turned into one of the most dangerous viruses of all time by virtue of the ease with which it could be triggered. Exploiting a flaw in Microsoft’s Internet Information Server, the Code Red virus could infect a PC merely by connecting to the internet.
Detected by two eEye Digital Security employees, Code Red’s name is in reference to the Code Red Mountain Dew drink being consumed at the time of discovery. The worm spread by grabbing 100 IP addresses at a time, scanning for Microsoft’s Server software, and infecting the systems on which it was installed. Ahead of your chosen internet browser, a web page stated “Hacked by Chinese!” would appear.
The effects of the virus were felt far and wide, with a million PC’s and 400,000 servers brought to their knees. Included in which was the whitehouse.gov website and various other government agencies, ending with a bill of $3.2 billion worth of damages.
Viruses are feared around the world due to the level of sensitive information we know store online, and the damage that could be done should it fall in the wrong hands. Possibly the most panic-inducing virus of all, Conficker sent cyber-security experts into meltdown.
Named a ‘superbug’ due to the millions of computers it infected (potentially up to 15 million systems were hit), Conficker made its way onto Window’s systems that lacked the latest anti-virus software, or a series of satisfactory passwords. Difficult to pinpoint once a system, Conficker was so sophisticated it could block attempts to update anti-virus software and even copy itself onto USB drives.
Spreading via a number of platforms, such as email and even smartphones, once infected by Conficker, the system is hooked up to a network of assembled drones. Control over which is held by the creator. With the potential to steal private financial information, many security experts were baffled by the creator’s reluctance to use such a powerful weapon for well, anything.
It caused such alarm that Microsoft assembled a team of specialists charged with taking it down. Conficker however, remains one of the mysteries in the short history of cyber-crime. After building such a refined online weapon in 2008, the user has refrained from unleash its full potential. Capable of carrying out denial of service attacks (DoS) as well as stealing financial information, Conficker remains a sinister cyber-crime enigma.
Email is often the most favoured method of spreading a dangerous virus, and My Doom is possibly the fastest spreading of them all.
Again, the root of the virus was containing with an innocuous looking message. Labelled as “Mail Transaction Failed”, all it took to spread My Doom was the user to click on the email. From there, the malicious code downloaded itself and passed the message onto all the victim’s outlook address book.
My Doom took just two hours to infect two million systems, triggering a huge Dos attack on the likes of Microsoft and Google. Costing the world a whopping $38 million in damages, My Doom showed the world how quickly a virus of such simplicity could spread the world over.
I Love You
It’s true, I really do. If you believed that, then you were probably one of the 500,000 victims of the ‘I Love You’ virus. Named as such due to the title of an email attachment, users had their day brightened by the title of the message “I Love You”. Intrigued, the gullible victim then had to open the attachment document titled ‘Love-Letter-For-You.TXT.vbs’. Doing so would overwrite the user’s image files, and resend itself to the first 50 contact on their Windows address book.
Designed to steal internet access passwords, I Love You preyed on both our ignorance towards internet security back in 2000, and the basic human emotion to be loved. Spreading to half a million systems and creating $5.5 billion in damages, the Philippines originated virus is a textbook example of how to infect a number of systems, fast.
Cyber terrorism is stereotypically confined to the workings of mastermind criminals, harbouring a burning desire for world domination. But why should the baddies have all the fun? The American government (some would say the world’s biggest terrorist organisation) joined forces with Israel to concoct a devious cyber-missile, heading straight for Iran.
Fairly unique in its approach, Stuxnet was designed for the sole purpose of bringing down Iran’s ongoing nuclear plant system. Known to be producing nuclear weapons in some form, Stuxnet infected their internal control system with the intention of destroying the physical parts of the plant. Stuxnet caused a number of the centrifuges in Iran’s uranium enrichment facility to gradually destroy themselves, costing Iran both valuable time and money.
Iran discovered the bug in 2010, although it is thought to have been around for over a year at the time of its emergence. Believed to have been smuggled in via engineering companies who supplied equipment to Natanz, Stuxnet represents one of the first known cyber-attack from one country to another.
Stuxnet has set a precedent for how war is likely to be waged in the future, although neither America nor Israel claimed any responsibility in the attack.