There have been very public examples of cyber attacks affecting organisations on a global scale. Despite the prominence given to recent outbreaks, such as Wannacry in May 2017 and NotPetya in June 2017, the first recorded global malware outbreaks started much earlier.
Some history
John von Neumann wrote a paper on “Theory of self-reproducing automata” published in 1966 which described self-replicating artificial forms, how they would spread, mutate and be self-deterministic.
The first examples
1981 saw one of the first computer viruses, written by Richard Skrenta and designed to infect Apple II PCs. Five years later, 1986 saw one of the first PC viruses, known as Brain as well as by other monikers; it was written by Basit Alvi.
Why?
There has been much more malware in the intervening years. The main difference between that and current malware infections is that the earlier instances were programmers showcasing their skill and ingenuity, mainly for bragging rights and inter-peer competition. They were often created as proofs of concept and were sometimes released by mistake.
Interconnected
Another aspect worth mentioning is that the world has moved on since the 1970s. Personal computers then were not generally interconnected; they were standalone and strictly the domain of hobbyists.
The Internet
The internet originated in the 1960s as a USA government project, which was made a commercial prospect in 1983 with few private users. By 1995 there were 16 million users, and by the turn of the new century more than 300 million users. A decade later, 2000 million users. We are on course for 4000 million users in 2017. This is exponential growth in action: the effective network proximity means that something that happens on the other side of the world can affect you milliseconds later.
There are not many commercial or governmental organisations which are not internet connected. Domestic connectivity has also mirrored this growth, which has been taken into the mobile and IoT space as well.
Ransomware
The first recorded instance of ransomware was in 1989: the AIDS Info Disk, written for PCs by Dr. Joseph Popp, was malware that demanded 189 USD to be paid for license fees.
Ransomware is now a commercial enterprise; organised crime has seen the potential for great ROI (return on investment) for little risk.
There have also been rumours of nation state involvement in malware, which have been loosely substantiated by leaks, revelations and evidence from whistleblowers. These have been carefully crafted and targeted attacks. One such example is Stuxnet, designed to damage centrifuges used by Iran in a uranium enrichment programme.
SWIFT
Attacks on the global interbank transfer service, SWIFT, netted more than 80M USD in 2016. A similar heist was reported in Ecuador, and there was an attempt at defrauding a bank in India this year.
More recently came Wannacry and Petya, in May and June 2017. These last two leveraged stolen malware, allegedly originating from the USA’s National Security Agency (NSA).
So we are beginning to see a muddying of the waters between what are likely to be nation state campaigns and what is used by organised crime for their money-raising efforts. Even the lines between nation state and organised crime may be blurred, as the two most recent global ransomware events have been attributed to various countries.
Who did it?
Be mindful that attribution is not an exact science; this is where clues may be left to confuse and misdirect, and it is definitely an area where plausible deniability reigns.
So what does this all mean? Apart from plenty of mystery, intrigue, 007 and general dodginess all round.
How does it affect me and you?
For the population at large and for commerce, it means further disruption to our digital environment from a myriad of sources. Be it an attack to demonstrate technical control for political purposes or one for monetary gain, the fallout or collateral damage is likely to affect the rest of us.
What can we do about it?
Many of these exploits take advantage of poor cyber hygiene. If basic guidelines on the use of internet-based services, system maintenance and configuration were followed, the susceptibility of organisations to these attacks would be significantly lower, and even if an organisation were to succumb to a cyber attack, recovery would be significantly quicker and less damaging to operations.
Follow-up – “How to protect yourself from malware”