Story image

ESET looks back at the origins of the computer virus

07 Nov 2017

34 years ago the first computer virus was born – the brainchild of Frederick Cohen, a student at the engineering school at the University of California.

On November 3, 1983, Cohen had a theory that a malicious program could be used to exploit any connected system. He explored the issue on a VAX 11/750 system running Unix. His lecturer, Professor Leonard Adleman, dubbed the program a ‘computer virus’.

Since then, security firms have been fighting viruses and other forms of malware. Last week ESET dubbed November 3 the first ever Antimalware day.

“We continue the Antimalware Day celebration, an ESET initiative, by going back to that faithful day in 1983 when the first virus was born. At that moment, the virus was defined as a program that can 'infect' other programs by modifying them to include a possibly evolved copy of itself,” ESET explains.

Adleman revealed in an interview that Cohen’s original  aim was to write the program, make it available to all users under the guise of something useful like a file organizer, but what it would actually do is hand over all control of users’ data and privileges.

“The program had done exactly what he had claimed it would do. It very rapidly was taken up by users of the system and all rights and privileges and data of the system were surrendered to Fred”, he recalled. Cohen went on to do several experiments, and it never took more than a couple hours before he had complete access and complete control of the entire computer. “So it worked. No surprise it would work,” Adleman explained.

“We weren’t aware of other experiments apart from ours. I’ve learned since then that other computer programs that had been written by other people also have the claim to be the first computer virus, but at the time we didn’t know any of that,” he adds, referring to other research going on at the time.

Cohen believes the world takes a ‘fail and fix’ approach to technology.

“We weren’t aware of other experiments apart from ours. I’ve learned since then that other computer programs that had been written by other people also have the claim to be the first computer virus, but at the time we didn’t know any of that”.

“We wait for pain and then spend resources to alleviate it. The strength of fail and fix is that if nothing noticeable fails, you don’t spend any resources fixing. The weakness is that lots of things fail, it may take you a long time to detect the failures (if you ever do), and the cost of fix far exceeds the cost of proactive efforts,” he explains to ESET.

ESET says that it is dedicated to researching and raising awareness so users can use technology in a safer manner, which is what Antimalware Day is all about.

“User education will never cease to be an obligation, or a necessity. We need to understand the technology behind the threats we talk about every day, understand the psychological aspects behind the attacks, and avoid blaming the victims, because the failures that result in successful attacks involve many other factors,” the company says.

“The fact that cybercrime will continue to exist and perfect its capabilities is a reality; the question is how are we going to face this reality. Dr. Cohen agrees with us that there is still room for optimism: information technology can solve more problems than it creates, we just need to focus on using it to that end.”

Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."
Aussies too lax about IoT security - McAfee
Aussie consumers are at a loss when it comes to securing the increasing number of connected devices in their homes and are often opting to take no action at all.
Barracuda expands MSP security offerings with RMM acquisition
Managed Workplace delivers an RMM platform with security tools and services, such as site security assessments, Office 365 account management, and integrated third-party antivirus.
Flashpoint: APAC companies must factor geopolitics in cyber strategies
The diverse geopolitical and economic interests of the states in the region play a significant role in driving and shaping cyber threat activity against entities operating in APAC.
Expert offers password tips to aid a stress-free sleep
For many cybersecurity professionals, the worries of the day often crawl into night-time routines - LogMeIn says better password practices can help.
SolarWinds extends database anomaly detection
As organisations continue their transition from purely on-premises operations into both private and public cloud infrastructures, adapting their IT monitoring and management capabilities can pose a significant challenge.
NATO picks BlackBerry's encrypted voice technology to secure calls
The NCI Agency acquires, deploys and defends communication systems for NATO's political decision-makers and command centres