Contributor:
Andrew Avanessian
November 9th, 2014

Malware: An evolutionary story

Earlier this year, a study from IDC and the National University of Singapore (NUS) predicted that enterprises will spend around $500 billion in 2014 on making fixes and recovering from data breaches and malware. In the past few months alone, we’ve seen Target reveal the cost of its recent breach could reach as much as $148 million. The figures are stark, but for the uninitiated the world of malware and its history is something of a mystery. So, where did they originate? How have they changed? And what does the future of malware look like?

To answer these questions we need to start from the beginning, and the Apple 2 computer. In 1982 a 15-year old High School student called Rich Skrenta created the world’s first virus, called Elk Cloner. Attached to a game and spread via floppy disk, Elk Cloner attached itself to the Apple 2 operating system and when released displayed a seven line poem informing the user they’d been infected.

Elk Cloner was a game changer. It was the first virus of its kind to spread “in the wild”, outside of a laboratory environment. It paved the way for a host of other malware such as the Friday 13th virus, which infected users on that date or the Casino Virus which gave the infected user 5 credits to play with, but no matter if they win, lose or draw they’d have to re-boot their system and re-install their software.

As malware became easier to write and sites were created which gave people ‘off the peg’ viruses they could easily piece together – the evolution of malware started its first phase – they became accessible to all.

Advances in technology also played their part. The development of the CD-ROM and the dominance of Microsoft shifted malware from micro to macro, meaning attachments, documents, discs and programs all now posed a security risk. The CIH or Chernobyl virus in 1998, The Melissa Virus in 1999 and Love Letter in 2000, which sent millions and millions of messages worldwide with the subject “ILOVEYOU”, were all high profile viruses which caused significant problems the world over.

What’s notable about these types of malware is they are largely motivated by young, tech savvy individuals flexing their muscles – showing off rather than making any financial gain. With 300,000 pieces of malware now emerging every 24 hours, the bad guys have realized they can also cash in. Malware moved from being the preserve of sophisticated techies, to the weapon of choice for the savvy cybercriminal.

Ransomware, scareware and banking malware were all borne from this new era, as attacks became targeted rather than random and the terminology of malware started to get ugly.

Today, organizations are exposed to a multitude of threats, from malware finding its way on to payment systems, as seen most recently with Home Depot, to state sponsored surveillance and zero-day threats. What we can say with certainty is that malware, and the people behind it, will constantly find new, sophisticated ways to expose and exploit holes in the system.

For businesses looking to mitigate the threat of malware, it’s no longer feasible to solely rely on antivirus technology. Earlier this year, Symantec’s senior VP of information security described antivirus as ‘dead’, estimating that it only stops 45% of cyber-attacks.

Next generation attacks need a next generation response – combining proactive and reactive security strategies to layer multiple mitigation controls. This defense in depth approach ensures that if an attacker combats one security barrier, such as the perimeter firewall, there are preventative measures on the inside to contain the breach.

The best strategies are those that prioritize those controls with the biggest impact. Technologies such as privilege management and application whitelisting, along with regular patching and adopting standard configurations are named by SANS and the Council on Cyber Security among others, as the most effective ‘quick wins’ based on real-life attacks.

You can find out more about the history of cyber threats through our infographic.
 

Ransomware report

Report: Ransomware uncovered

Ransomware is the most profitable malware in history but, by taking a proactive approach, you can stop it in its tracks and prevent your business being hit.

This report covers what ransomware is, how it works, the damage it causes, predictions for the future and, crucially, how to prevent it with a simple yet effective security strategy.

More from the Blog

Related technology and security insights

  • 28
    Jun
  • Story related

    NotPetya ransomware: Attack analysis

    On June 27, 2017 a number of organisations across Europe began reporting significant system outages caused by a ransomware strain referred to as Petya. The ransomware is very similar to older Petya ransomware attacks from previous years, but the infection ...