First published: 01st August 1994
By Allan G. Dyer M.Sc.(tech) B.Sc. AIDPM MIAP MHKCS, Head of F-PROT Technical Support, Yui Kee Co. Ltd.
Computer viruses have received much publicity in recent years for their destructive abilities, but where do they come from?
The flood of viruses we see today is a recent phenomena, but the idea of a program that can produce copies of itself can be traced back to the very earliest stages of Computer Science; in about 1948, John van Neumann (the Hungarian-born mathematician and computer pioneer) wrote a paper on "electronic automata" describing the concept. The idea, however, was little more than an intellectual curiosity. In the late 1970's, some research laboratories experimented with self-replicating programs that could perform routine housekeeping tasks in distributed systems. They quickly found that, once released, these programs would multiply uncontrollably and cause system crashes, so the idea was abandoned.
In 1985, Frederick Cohen completed his thesis on self-replicating programs, he decided to use the term "computer viruses", and defined them as 'a program that can infect other programs by modifying them to include a (possibly altered) copy of itself', he also gave a rigorous mathematical definition. The term is now generally used in a slightly different sense from Fred Cohen's mathematical definition. Dr. Fred Cohen is now one of the leading researchers in the field.
The advent of microcomputers gave computing power to millions of people, some of these were interested in how to program them, and some of these new programmers experimented widely, including writing self-replicating programs. The IBM PC became the standard for most computer users, and the conditions had become right for an electronic plague.
It was not until 1987 that the first documented computer virus attack occurred. The virus, which is now called Brain, infected several hundred disks at the University of Delaware, and is reported to have destroyed at least one student's thesis. The writers of the virus actually put their names and address in the virus code. They live in Pakistan, and said they wrote the virus in 1986 'for fun'. They were quite startled to learn that their program had travelled to America within one year. This first attack clearly demonstrated important points:
- Once a virus is "released" by the writer, he looses all control over it. He cannot limit or stop it's spread.
- Viruses can cause damage not intended by their writer. For the Brain virus, the method of infection overwrote a seldom-used section of the disk, this is probably how the student's thesis was destroyed.
The next incident was not long afterwards, a deliberately damaging file virus was found at Lehigh University in November 1987, it became known as the Lehigh virus. Since then, the number of viruses has increased exponentially. Today there are more than 4000 types of virus, increasing by about seven every day and there is no sign of the trend slowing down.
What, then, is the origin of all these viruses? It is, actually, not difficult to write a virus, any competent programmer could do so, but the vast majority of programmers have better, more constructive uses for their time. Indeed, judging from the bugs and programming mistakes in many viruses, a lot of virus writers are not competent programmers. Many viruses are simple variants of existing viruses, designed to avoid detection by one or more of the anti-virus products. A want-to-be virus writer too incompetent to design and write a whole virus can, relatively easily, take an existing virus and modify just those features the anti-virus software is looking for.
Virus writers are vandals in the electronic society, they hit out with senseless random destruction. Many viruses include messages mentioning fanciful names the writer has given himself, this is their version of spray-painting graffiti on a bus shelter, but their puerile messages go onto computer screens around the world - how much more of an ego trip for these tiny minds?
Some virus writers have organised themselves into gangs, increasing the parallels with vandals. These groups, each with it's own childish name, sometimes produce magazines (distributed electronically) offering advice to inexperienced virus writers, running competitions and taunting rival gangs. Some of these gangs have also produced toolkits to allow even non-programmers to produce their own customised viruses.
Virus writers are, in general, irresponsible idiots. Their actions cause damage, as well as fear and panic among many computer users. An obscure intellectual curiosity has become a major headache for users around the world.