Part 2: Virus attacks and antivirus development

Computer viruses caused and still cause billions of dollars' worth of economic damage each year, due to causing system failure, wasting computer resources, corrupting data, increasing maintenance costs, etc. The most well-known cases of massive virus attacks are as follows.

In 1988, a graduate student at Cornell University, Robert Tappan Morris created a monster: the Morris Worm. He designed the first self-replicating computer worm and unleashed it in the World Wide Web to check how deep the internet hole goes. He surely didn’t expect its replicating beyond control as it infected thousands of computers, cost millions of dollars in damage, and forced the U.S. government to create an emergency response for computers known as the CERT. In 1999, David L. Smith created a computer virus and gave it the name “Melissa” after the name of a night club show girl. Smith posted a Word document infected with “Melissa” to a discussion group on America Online, purporting it to be a list of log-in information to “adult” sites.

Smith’s virus spread like wildfire through email, sending itself to fifty email accounts on every infected computer, and which, over time, overloaded email servers and forced companies such as Microsoft, Intel and others to completely turn off their email networks until the virus could be contained. In the end, more than one million PCs were infected, causing 80-million dollars in damage worldwide.

The ILOVEYOU virus in 2000 had a similarly devastating effect. The outbreak was later estimated to have caused 5.5–8.7 billion dollars in damages worldwide, and estimated to cost 15 billion to remove the worm. Within ten days, over 50 million infections had been reported. To protect themselves, the Pentagon, CIA, the British Parliament and a number of most large corporations decided to completely turn off their mail systems. This virus affected over 50 million computers and was one of the world's most dangerous computer disasters of all time. That's pretty impressive when you consider that the Melissa and I LOVE YOU viruses are incredibly simple.

A worm called Code Red made huge headlines in 2001. It replicated itself over 250,000 times in about nine hours on July 19, 2001. It slowed down Internet traffic so effectively that things nearly clogged. Each copy of the worm scanned the Internet for Windows NT or Windows 2000 servers that did not have the Microsoft security patch installed. Each time it found an unsecured server, the worm copied itself to that server and continued its work. Depending on the number of unsecured servers, a worm could create hundreds of thousands of copies. The Code Red worm was designed to do three things: 1 - replicate itself for the first 20 days of each month; 2 - replace Web pages on infected servers with a page that declares "Hacked by Chinese"; 3 - launch a concerted attack on the White House Web server in an attempt to overwhelm it. This attack consisted of the infected systems simultaneously sending 100 connections to www.whitehouse.gov. The U.S. government had to change the IP address of www.whitehouse.gov to circumvent that particular threat.

Antivirus industry was developing together with viruses.

In 1990, the Computer Antivirus Research Organization (CARO) was founded. In 1991, CARO released the "Virus Naming Scheme", originally written by Friðrik Skúlason and Vesselin Bontchev. Although this naming scheme is now outdated, it remains the only existing standard that most computer security companies and researchers have ever attempted to adopt. CARO members includes: Alan Solomon, Costin Raiu, Dmitry Gryaznov, Eugene Kaspersky, Friðrik Skúlason, Igor Muttik, Mikko Hyppönen, Morton Swimmer, Nick FitzGerald, Padgett Peterson, Peter Ferrie, Righard Zwienenbergand, Dr. Vesselin Bontchev.

In 1991, in the United States, Symantec released the first version of Norton Anti-Virus. In the same year, in Czechoslovakia, Jan Gritzbach and Tomáš Hofer founded AVG Technologies (first release of their Anti-Virus Guard (AVG) only in 1992). On the other hand, in Finland, F-Secure (founded in 1988 by Petri Allas and Risto Siilasmaa) released their first antivirus product. F-secure claims to be the first antivirus firm to appear on the World Wide Web.

In 1991, the European Institute for Computer Antivirus Research (EICAR) was founded to further antivirus research and improve development of antivirus software.

In 1992, in Russia, Igor Danilov released the first version of SpiderWeb (now it is Dr. Web).

Over time other companies were founded. In 1996, in Romania, Bitdefender was founded and released the first version of Anti-Virus eXpert (AVX). In 1997, in Russia, Eugene Kaspersky and Natalia Kaspersky co-founded security firm Kaspersky Lab.

Meanwhile the number of viruses kept growing.

In 1994, AV-TEST (The Independent IT Security Institute founded in Germany) reported that there were 28,613 unique malware samples (based on MD5) in their database. In 1999, that figure reached 98,428 samples. In 2005, it was already 333,425.

In 2007, AV-TEST reported a number of over 5,5 million new unique malware samples (based on MD5) only for that year. In 2012 and 2013, antivirus firms reported a new malware samples range from 300.000 to over 500.000 per day.

So, we can conclude that although antivirus industry is now well sophisticated and keeps on developing fast, viruses are not still defeated and it seems that they are not going to. It is such an impression that these two Enormous Forces of Virtual World are constantly balancing in never-ending War.