Virus vs Antivirus – Who Is the Winner?
Sometimes viruses win, and sometimes antivirus products do
It goes without saying that computers have become real helpers for people, and now no one can do anything without them. For this reason, the problem of information protection has become more acute.
Viruses, which have spread widely across computer equipment, are programs that have shaken the world. Many users are worried by rumors about the illegal actions of cyber criminals who know how to break into a network, rob a bank, steal intellectual property and so on.
With ever-increasing frequency, the mass media report on the pirate tricks of computer hooligans and the appearance of new self-propagating harmful programs.
Interestingly, respected engineers from the American company Bell Telephone Laboratories stood at the origins of this dangerous computer fauna. They created the absolutely innocent game “Darwin”, which placed a so-called supervisor in computer memory. The supervisor defined the rules and the order in which the rival programs of different players fought each other. The programs had functions for exploring space, reproducing and deleting. The point of the game was to delete all copies of a rival's program and capture the battlefield.
Someone has tried to put every theory in the world into practice for unseemly purposes.
The computer virus Creeper was not slow to make itself known.
It was detected in the early 1970s in a prototype of the modern Internet, the military computer network called ARPANET. Creeper entered the network on its own via a modem, transferred a copy of itself to a remote system and announced itself with a cheerful message on the screen: “I AM THE CREEPER… CATCH ME IF YOU CAN”. Someone unknown created a counterprogram called Reaper to remove this harmless virus. This seemingly insignificant episode turned out to be the beginning of a never-ending fight between the creators of viruses and the creators of antiviruses, in other words, a variant of the ancient game of “police and thieves”.
More Viruses: Extraterrestrial Intrusion?
After that, the more computers appeared, the more active viruses became. Soon came the first mass cyber epidemic in history. Elk Cloner flipped the image, made text blink and displayed various messages on the screen of the Apple II. In those days, memorable for a general passion for UFOs, some users even seriously believed that it was the work of… an extraterrestrial civilization. At least ten years passed before the phrase “computer virus” became an established term. Fred Cohen, a founding father of modern computer virology, gave it a scientific definition: a program that is able to infect other programs by modifying them so as to insert copies of itself. However, the global epidemic caused by the Brain virus, which soon broke out on IBM-compatible computers, showed that the computer community was not at all ready to face such a phenomenon.
The total infection outbreak was caused by the German programmer Ralf Burger, who wrote the provocative book “Computer viruses. The disease of high technologies” (there was also a similar work by B. Khizhniak later on). Both books, alas, popularized the writing of viruses, and the result was not long in coming. Several harmful programs for IBM-compatible computers appeared independently of each other: the Lehigh virus, the Suriv family, a number of boot viruses in the USA, New Zealand and Italy, and the first self-encrypting file virus, called Cascade. The last one received its name from the “crumbling letters” effect it caused.
Do They Exist?
It is amusing that not even all professionals believed in the existence of computer viruses. In 1988 the famous programmer Peter Norton venomously said that viruses were a myth, like the tales about crocodiles living in the sewers of New York. Then, as if in response to that statement, a total epidemic of a new network virus, which received the name “Morris's Worm”, broke out. It infected several thousand computer systems in the USA, including NASA’s Research Center, and practically paralyzed their work, causing losses of 96 million dollars.
However, it was another virus, the cruel Datacrime, which caused irrecoverable data loss on the hard drive, that became the first sensation in the mass media.
It was created in the year of the 500th anniversary of the discovery of the American continent, and in the USA it received the name "Columbus Day". Someone suggested that in this way Norwegian terrorists were trying to take revenge for the fact that Columbus, rather than their compatriot Eric the Red, is unfairly considered the discoverer of America.
At this point the general public finally noticed the new phenomenon and even demanded that IBM Corporation rescue the world from the virus plague. Having carefully weighed the benefits, IBM declassified an existing internal antivirus project, turned it into a commercial product and started selling it. At almost the same time, specialized publications such as Virus Bulletin and Virus Fax International began to appear, trying to unite the efforts of experts in the fight against the computer plague. So the “police officers” became more active too.
Nevertheless, as we all know, the opening move, the move of White, is always made by the “thieves”. At the end of 1989 Joseph Popp managed to send 20 thousand diskettes containing a Trojan program called AIDS Information Diskette to addresses in Europe, Africa and Australia. These addresses were impudently stolen from the databases of the PC Business World magazine and the World Health Organization. The “Trojan” encrypted the names of all files, made them invisible and left only one readable file on the disk: a bill which was to be paid and… sent to a specific address.
More And More Viruses
Things were only going to get worse. A whole “factory” producing virus families operated in Bulgaria, and after it appeared the first BBS station (VX BBS) focused on the exchange of viruses and information for virus writers. It is hardly worth explaining what a strong boost that station gave the virus movement. After Bulgaria, similar organizations started appearing worldwide, and a whole cohort of people who devoted themselves to creating harmful programs was formed.
Virus fighters made their countermove: the European Institute for Computer Antivirus Research, which became one of the most reputable international organizations, uniting practically all the large antivirus companies, was created in Hamburg in 1990.
The international market for protection against computer viruses was actively taking shape.
Special police divisions dealing exclusively with computer crimes were being organized as well.
The year 1996 can be considered the beginning of a large-scale attack by the computer underground on Windows operating systems and Microsoft Office applications. Hundreds of viruses rolled off as if from a conveyor belt. Many of them used completely new ways and methods of infection. Computer monsters entered a new round of their development: the level of 32-bit operating systems.
Against this background, a landmark case took place in Great Britain against the 26-year-old jobless Christopher Pile, suspected of creating and spreading the computer viruses called Queeg and Pathogen, and also the SMEG polymorphic generator. In the end, he pleaded guilty and was sentenced to 18 years of imprisonment.
This fact probably only spurred the computer wreckers on: they moved on to e-mail, spreading through the MS Outlook program, which had become the corporate standard in the USA and many countries of Europe. The dangerous and tough e-mail script virus called LoveLetter even got into The Guinness Book of Records.
Right after startup, it destroyed files with specific extensions on disks and imperceptibly sent copies of itself to all addresses, without exception, found in the MS Outlook address book. A short time later came Melissa, which read the address book of the MS Outlook mail program and carefully sent copies of itself to the first fifty addressees it found. Such giants of the industry as Microsoft, Intel and Lockheed Martin were forced to disconnect their corporate e-mail services temporarily, in spite of the fact that the epidemic was quickly extinguished. The virus author, David Smith, a 31-year-old programmer from the USA, was found, arrested and sentenced to 10 years of imprisonment and a fine of 400,000 US dollars.
However, attacks on MS Windows, MS Office and network applications are still frequent. Every day new threats appear: numerous Trojan programs that steal Internet access passwords, various “worms”, viruses for Excel and Microsoft Access documents, a multiplatform macro virus that simultaneously infects documents of two MS Office applications, Access and Word, macro viruses that transfer their code from one Office application to another, and so on. Hybris is a new, dangerous and technologically advanced worm that uses websites and electronic conferences to load new modules of the virus onto infected computers.
Experts agreed that since 2000 infection via the Internet and e-mail has been the main way malicious code is delivered.
Is There a Champion?
What should we do? Who will be the winner in this battle? Is it true that the fight against viruses is the same “catch-up technology” as the fight against crime?
In general, it is not, even though many antivirus companies have stopped at this stage of development. However, it is still important to design alternative antivirus technologies that will be able to protect against future viruses. Programmers now use heuristic analysis, behavioral blockers and inspectors of changes. Experience has shown that using them in combination gives a better result than traditional antivirus scanners and monitors alone.
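The combination described above, as an added example that is not part of the original article: a traditional signature scanner and an inspector of changes run over the same files. The signature name, byte patterns and file names are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Constructed stand-in for a vendor signature database (not a real signature).
SIGNATURES = {"Demo.KnownA": b"\xde\xad\xbe\xef\x13\x37"}

def _files(root):
    return sorted(p for p in Path(root).rglob("*") if p.is_file())

def signature_scan(root):
    """Traditional scanner: flag files that contain a known byte pattern."""
    hits = {}
    for path in _files(root):
        data = path.read_bytes()
        for name, pattern in SIGNATURES.items():
            if pattern in data:
                hits[str(path.relative_to(root))] = name
    return hits

def snapshot(root):
    """Inspector of changes, step 1: record a SHA-256 digest per file."""
    return {str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in _files(root)}

def inspect_changes(baseline, root):
    """Inspector of changes, step 2: diff the current state against the baseline."""
    current = snapshot(root)
    return {
        "modified": sorted(f for f in baseline
                           if f in current and current[f] != baseline[f]),
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
    }

def demo():
    """Build two constructed 'programs', modify both, and run both detectors."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "editor.bin").write_bytes(b"MZ" + b"\x90" * 64)
        (root / "game.bin").write_bytes(b"MZ" + b"\x00" * 64)
        baseline = snapshot(root)
        # Known code appended: its pattern is in the signature database.
        (root / "editor.bin").write_bytes(b"MZ" + b"\x90" * 64 + SIGNATURES["Demo.KnownA"])
        # Unknown code appended: no signature exists for it yet.
        (root / "game.bin").write_bytes(b"MZ" + b"\x00" * 64 + b"\x42\x42\x42\x42")
        return signature_scan(root), inspect_changes(baseline, root)

if __name__ == "__main__":
    print(demo())
```

The scanner reports only the file carrying the known pattern, while the inspector flags both modified files. The inspector cannot tell whether a change is malicious, which is why the two are used together.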
It is no secret that the wide spread of Microsoft products encourages the appearance of computer viruses. If Linux were as popular on the market as Microsoft, more malicious programs would be written for Linux operating systems. Viruses usually spread through “holes” in the security systems of popular operating systems. It is impossible to create a system that is invulnerable to malware. Networks and systems, like viruses, were also created by people.
The development of computer technology keeps pace with the development of viruses. Professionals constantly introduce new optimizations for virus detection that increase scan speed and improve the quality of protection.
Thinking rationally, a virus cannot appear out of nowhere. If a computer stays at home and does not “go for a walk” outside, a virus can get into it only from external disks or from the Internet.
Does Antivirus Software Do Anything?
Antivirus software works independently all the time. It scans all your e-mail and the floppy disks that are run from a computer drive. This protection tool can be configured as the user wishes. Besides, antivirus programs can be updated automatically over the Internet as often as you want. This is necessary in order to remove new viruses. Sometimes the protection tool informs the user that a virus has been detected and asks what should be done. However, new harmful code is written every day, so there is always work for the programmers who design antivirus utilities.
All users should know that an antivirus is not a whim but a necessity. If you do not have one, you have to get one.