The Datacrime and FuManchu (a Jerusalem modification) viruses as well as virus families Vacsina and Yankee appeared.
The Datacrime virus was extremely dangerous: from October 13th through December 31st, it initiated low-level formatting of a hard disc’s zero cylinder which led to the destruction of tables stored in FAT files and irrevocable loss of data.
The first warning about the virus came out of the Netherlands in March from Fred Vogel. Despite the relatively low infection rate, Datacrime evoked a hysterical reaction worldwide. The repeated warnings resulted in significantly distorted descriptions of how the virus really worked and what damage it caused.. In the US, the virus was named Columbus Day because many speculated that the virus had been written by Norwegian terrorists attempting to punish Americans for crediting Columbus instead of Eric the Red with the discovery of America.
An interesting incident occurred in Holland. The local police decided to begin a proactive fight against cyber-crime. They developed an antivirus program capable of neutralizing Datacrime and sold it directly to local precincts for a mere $1. There was tremendous demand for the antivirus program, but it was soon discovered that the program was unreliable and had a high false positive rate. A second version was produced to correct the mistakes; however, it was also riddled with bugs.
October 16th, 1989 saw the appearance of the WANK worm on VAX/VMS computers on the SPAN network. The worm spread via the DECNet protocol and changed system messages to read, ‘WORMS AGAINST NUCLEAR KILLERS’ accompanied by the message, ‘Your System Has Been Officially WANKed.’ WANK also changed system passwords to random symbols and sent them to a user by the name of GEMPAK on the SPAN network.
December 1989 witnessed the Aids Information Diskette incident. 20,000 discs containing a Trojan were sent to addresses in Eurpose, Africa, Australia and the WHO. The addresses had been stolen from the database of PC Business World. Once an infected disk has been loaded, the program would automatically install itself on the system, creating its own concealed files and directories and modifying system files. After 90 loads, the operating system encoded the names of all files, rendering them invisible and leaving only one file accessible. This file recommended paying money to a specified bank account. As a result, it was relatively easy to identify the Trojan’s author as one Joseph Popp who had earlier been declared insane. Despite this, he was convicted in absentia by Italian authorities.
It is interesting to note that 1989 marked the beginning of virus epidemics in Russia as well. Towards the end of 1989, approximately 10 viruses (listed in the order they arrived) appeared in Russian cyber-space: 2 versions of Cascade, several modifications of Vacsina and Yankee, Jerusalem, Vienna, Eddie, and PingPong.
The spread of high technology worldwide predetermined the appearance of new antivirus projects throughout the world, just as it did in Russia-or at that time, the USSR. In 1989, antivirus expert Eugene Kaspersky, who would later found Kaspersky Lab, first ran into a virus: his work computer was infected by Cascade in October 1989. It was this incident that led Eugene to devote his life to antivirus research.
Only a month later, Eugene detected the Vascina virus using the first version of the -V antivirus program he had just written. Years later, -V turned into AVP Antiviral Toolkit Pro.
In fact, 1989 saw a bumper crop of antivirus companies: F-Prot, ThunderBYTE, and Norman Virus Control.
So many people became so nervous about viruses that various groups and individuals asked IBM, then undisputed leader in the IT market, to provide an antivirus solution. IBM in turn decided to commercialize the internal antivirus project they were running. IBM Virscan for MS-DOS went on sale in October 1989.
After brief consideration and market research, IBM decided to ‘declassify’ its antivirus project as developed in its TJ Watson Research Center and turn it into a full commercial product. IBM Virscan for MS DOS was first made available for purchase in October 1989 for only $35 dollars.
April of 1989 marked another landmark in the antivirus field: the first antivirus publications were founded. UK-based Sophos sponsored Virus Bulletin, whereas Dr. Solomon’s founded Virus Fax International. Virus Bulletin exists to this day, while Virus Fax International was first renamed as Virus News International and eventually metamorphosed into Secure Computing.
Today, Secure Computing is considered one of the most popular sources in information technology security and specializes not only in antivirus programs but also in computer and device safety. Secure Computing conducts annual contests under the ‘Secure Computing Awards’ title for the best developments in various fields, including antivirus safety, cryptology, access-control, intranet screens, and others.
Machine learning has long permeated all areas of human activity. I would like to warn about, or dispel, some of the misconceptions associated with the use of ML in the field of cybersecurity. Read Full Article
Kaspersky Lab researchers presented a closing keynote and three other papers related to targeted attacks and APT research at Virus Bulletin 2015 in Prague. Read Full Article