The Evolution of Malware

Thomas Smith

1971

First Known Virus
Creeper

Experimental,
self-replicating worm that does not damage data but generates a message that reads: “I’m the creeper: catch me if you can”

1985

First PC Virus
Brian

Built in Pakistan, affects the boot sector of storage media using stealth tactics

1988

First Internet Worm
Morris

Immobilized 6,000 computers, $100,000 to 10,000,000 in damages, affected universities, military facilities, and NASA

1999

Mass-Mailing Virus
Melissa

Not a worm, dispersed via email, affected over 100,000 computers in under 72 hours

2000

Email Worm
ILOVEYOU

Email scam with an infected attachment, affected 10% of internet-connected computers worldwide, a setback of over $20 billion

2004

Mass-Mailer Worm
MyDoom

One of the most damaging mass-mailer viruses, contains a backdoor for remote control of compromised systems and triggers DoS attacks

2005

First Crypto-Ransomware
Trojan.Gpcoder

Disguised as a PC cleanup app which prompts consumers to pay for services

2010

First Weaponized Malware
Stuxnet

Infected Iran’s nuclear centrifuges in addition to 100,000 other computers

2013

Point-Of-Sale Malware
Target Stores

70 to 110 million Target customer records affected, exposed credit and debit card information

2014

Strategic Data Heist
Sony Pictures

50,000 Social Security numbers obtained, in addition to Sony Pictures’ unreleased films and other proprietary information

2014

Industrial Malware
Energetic Bear

Russian industrial espionage attacks gained entry into the computers of over 1,000 oil and gas companies

2015

Government Breach
US Office of Personnel Management

Personal data of 21.5 million at the US Office of Personnel Management breached, including Social Security numbers and fingerprints

2015

First Infrastructure Attack
Ukrainian Power Grid

IT team tricked by social engineering, blackouts resulted across Ukraine

2016

Geographic Attack
Turkish Citizenship Database

Personal data of 50 million Turkish citizens (two-thirds of the population) leaked

  1. http://www.pwc.com/gx/en/issues/cyber-security/information-security-survey.html
  2. http://www.toptenreviews.com/software/articles/what-was-the-first-antivirus-software/
  3. https://en.wikipedia.org/wiki/Creeper_(program)
  4. https://www.symantec.com/content/en/us/about/media/securityintelligence/SSR-Timeline.pdf
  5. https://en.wikipedia.org/wiki/Brain_(computer_virus)
  6. http://www.syracuse.com/vintage/2016/01/thrpt-row rowback_thursday_cornell_stu.html
  7. https://en.wikipedia.org/wiki/Morris_worm
  8. http://www.cert.org/historical/tech_tips/Melissa_FAQ.cfm?
  9. http://www.pcmag.com/article2/0,2817,2363172,00.asp
  10. https://en.wikipedia.org/wiki/ILOVEYOU
  11. https://www.symantec.com/content/en/us/about/media/securityintelligence/SSR-Timeline.pdf
  12. https://blog.barracuda.com/2016/03/27/the-evolution-of-ransomware/
  13. https://www.symantec.com/security_response/writeup.jsp?docid=2005-052215-5723-99
  14. https://gcn.com/articles/2012/06/26/stuxnet-demise-expiration-date.aspx
  15. http://www.nytimes.com/2014/01/11/business/target-breach-affected-70-million-customers.html?_r=0
  16. http://www.securityweek.com/target-confirms-point-sale-malware-was-used-attack
  17. http://www.nytimes.com/2014/12/31/business/media/sony-attack-first-a-nuisance-swiftly-grew-into-a-firestorm-.html
  18. https://en.wikipedia.org/wiki/Sony_Pictures_Entertainment_hack
  19. http://www.nytimes.com/2014/07/01/technology/energy-sector-faces-attacks-from-hackers-in-russia.html
  20. http://www.nytimes.com/2015/07/10/us/office-of-personnel-management-hackers-got-data-of-millions.html?_r=0
  21. http://venturebeat.com/2016/04/06/turkey-is-investigating-leak-of-50-million-citizens-data/
Share on FacebookTweet about this on TwitterShare on LinkedIn