34 years ago the first computer virus was born – the brainchild of Frederick Cohen, a student at the engineering school at the University of California.
On November 3, 1983, Cohen had a theory that a malicious program could be used to exploit any connected system. He explored the issue on a VAX 11/750 system running Unix. His lecturer, Professor Leonard Adleman, dubbed the program a ‘computer virus'.
Since then, security firms have been fighting viruses and other forms of malware. Last week ESET dubbed November 3 the first ever Antimalware day.
“We continue the Antimalware Day celebration, an ESET initiative, by going back to that faithful day in 1983 when the first virus was born. At that moment, the virus was defined as a program that can 'infect' other programs by modifying them to include a possibly evolved copy of itself,” ESET explains.
Adleman revealed in an interview that Cohen's original aim was to write the program, make it available to all users under the guise of something useful like a file organizer, but what it would actually do is hand over all control of users' data and privileges.
“The program had done exactly what he had claimed it would do. It very rapidly was taken up by users of the system and all rights and privileges and data of the system were surrendered to Fred”, he recalled. Cohen went on to do several experiments, and it never took more than a couple hours before he had complete access and complete control of the entire computer. “So it worked. No surprise it would work,” Adleman explained.
“We weren't aware of other experiments apart from ours. I've learned since then that other computer programs that had been written by other people also have the claim to be the first computer virus, but at the time we didn't know any of that,” he adds, referring to other research going on at the time.
Cohen believes the world takes a ‘fail and fix' approach to technology.
“We weren't aware of other experiments apart from ours. I've learned since then that other computer programs that had been written by other people also have the claim to be the first computer virus, but at the time we didn't know any of that”.
“We wait for pain and then spend resources to alleviate it. The strength of fail and fix is that if nothing noticeable fails, you don't spend any resources fixing. The weakness is that lots of things fail, it may take you a long time to detect the failures (if you ever do), and the cost of fix far exceeds the cost of proactive efforts,” he explains to ESET.
ESET says that it is dedicated to researching and raising awareness so users can use technology in a safer manner, which is what Antimalware Day is all about.
“User education will never cease to be an obligation, or a necessity. We need to understand the technology behind the threats we talk about every day, understand the psychological aspects behind the attacks, and avoid blaming the victims, because the failures that result in successful attacks involve many other factors,” the company says.
“The fact that cybercrime will continue to exist and perfect its capabilities is a reality; the question is how are we going to face this reality. Dr. Cohen agrees with us that there is still room for optimism: information technology can solve more problems than it creates, we just need to focus on using it to that end.