Story image

ESET looks back at the origins of the computer virus

07 Nov 17

34 years ago the first computer virus was born – the brainchild of Frederick Cohen, a student at the engineering school at the University of California.

On November 3, 1983, Cohen had a theory that a malicious program could be used to exploit any connected system. He explored the issue on a VAX 11/750 system running Unix. His lecturer, Professor Leonard Adleman, dubbed the program a ‘computer virus’.

Since then, security firms have been fighting viruses and other forms of malware. Last week ESET dubbed November 3 the first ever Antimalware day.

“We continue the Antimalware Day celebration, an ESET initiative, by going back to that faithful day in 1983 when the first virus was born. At that moment, the virus was defined as a program that can 'infect' other programs by modifying them to include a possibly evolved copy of itself,” ESET explains.

Adleman revealed in an interview that Cohen’s original  aim was to write the program, make it available to all users under the guise of something useful like a file organizer, but what it would actually do is hand over all control of users’ data and privileges.

“The program had done exactly what he had claimed it would do. It very rapidly was taken up by users of the system and all rights and privileges and data of the system were surrendered to Fred”, he recalled. Cohen went on to do several experiments, and it never took more than a couple hours before he had complete access and complete control of the entire computer. “So it worked. No surprise it would work,” Adleman explained.

“We weren’t aware of other experiments apart from ours. I’ve learned since then that other computer programs that had been written by other people also have the claim to be the first computer virus, but at the time we didn’t know any of that,” he adds, referring to other research going on at the time.

Cohen believes the world takes a ‘fail and fix’ approach to technology.

“We weren’t aware of other experiments apart from ours. I’ve learned since then that other computer programs that had been written by other people also have the claim to be the first computer virus, but at the time we didn’t know any of that”.

“We wait for pain and then spend resources to alleviate it. The strength of fail and fix is that if nothing noticeable fails, you don’t spend any resources fixing. The weakness is that lots of things fail, it may take you a long time to detect the failures (if you ever do), and the cost of fix far exceeds the cost of proactive efforts,” he explains to ESET.

ESET says that it is dedicated to researching and raising awareness so users can use technology in a safer manner, which is what Antimalware Day is all about.

“User education will never cease to be an obligation, or a necessity. We need to understand the technology behind the threats we talk about every day, understand the psychological aspects behind the attacks, and avoid blaming the victims, because the failures that result in successful attacks involve many other factors,” the company says.

“The fact that cybercrime will continue to exist and perfect its capabilities is a reality; the question is how are we going to face this reality. Dr. Cohen agrees with us that there is still room for optimism: information technology can solve more problems than it creates, we just need to focus on using it to that end.”

Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”
Malware downloader on the rise in Check Point’s latest Threat Index
Organisations continue to be targeted by cryptominers, despite an overall drop in value across all cryptocurrencies in 2018.
IoT breaches: Nearly half of businesses still can’t detect them
The Internet of Thing’s (IoT’s) rapid rise to prominence may have compromised its security, if a new report from Gemalto is anything to go by.