There are various types of computer security threats that IT support teams are vigilant in spotting and stopping as quickly as possible. Some of them are designed to hide in the background whilst others want to be very visible indeed.
Whilst the dangers of online security are something most people are aware of, the WannaCry worldwide virus attack highlighted the vital importance of following security best practices, given the paralysing consequences of not doing so.
Backing up data regularly, installing a suite of security software, applying updates to Windows and other essential pieces of software as soon as is practical, and raising awareness of potential social engineering tactics are simple but effective ways to minimise breaches and data loss.
IT staff have had a long time to develop technological solutions and person-focused strategies in no small part due to the strange case of PC Cyborg, the first ransomware attack that attempted to extort unsuspecting users.
Pandemic Program
Whilst the first computer viruses were made in the 1970s, their potential for disrupting businesses, causing harm and extorting people was not realised until the late 1980s and early 1990s.
The first philosophy for viruses was epitomised by Brain, a virus that was meant to track illegally copied versions of a heart-monitoring program made by a software house in Pakistan, but was otherwise not intended to cause harm.
On the other side, viruses such as the infamous Lamer Exterminator were designed to destroy and be disruptive but were often developed as a technical exercise by hobbyist hackers largely as a joke or for similarly petty reasons.
The PC Cyborg Trojan, also commonly known as the AIDSInfo virus, was neither of these and would become the first piece of malware designed to extort users in the same way WannaCry did.
It was stored on the “AIDS Information Introductory Diskette”, a questionnaire program that determined a person’s exposure and vulnerability to HIV at a time when the disease had reached pandemic level but was still not completely understood.
The first time the floppy disk was loaded, a program with a counter was added to the startup file most PCs used at the time, “autoexec.bat”.
After 90 boots, or immediately in the case of some variations, the program hid all file directories and changed the names of all files on the computer’s primary drive, which for most casual users made the computer unusable.
As well as this, a bright red message was shown on the screen telling users that it was time to “pay for your software lease”, demanding hundreds of dollars to be sent to a PO Box in Panama. This approach, right down to the warning red screen, is still used by ransomware systems to this day.
Cures And Criminality
Whilst the methodology is remarkably modern, the method of distribution was astonishingly primitive; it was posted to a mailing list of 20,000 AIDS researchers in 90 countries, who unknowingly booted up the legitimate-looking disk with a legitimate questionnaire and ended up infected.
Part of its effectiveness was due to its creator, Dr Joseph Popp. Because he was an evolutionary biologist who went to Harvard University, the system looked legitimate; according to some accounts, the questionnaire would have been useful were it not infected.
It was not even an effective extortion tactic; most researchers did not send the money to Panama but instead wiped their hard drives, potentially destroying years of vital research work until a simple removal tool was made.
However, a twist in the case came when the creator of the virus was finally caught.
Motivation, Money And Malice
Just two weeks after launching the virus, and following a series of unusual discoveries in Amsterdam, Dr Popp was arrested in the USA and extradited to England, as this was where the malware was first discovered.
Following multiple instances of strange behaviour, he was ultimately determined unfit to stand trial and was deported back to America, but this led to questions surrounding his motivation for making the virus.
Whilst financial gain is the motivator for modern malware-creating teams and could have been the case for Dr Popp, there have been other theories concerning his particularly unusual scheme besides madness and money.
He had recently been rejected for a job at the World Health Organisation, so some claimed it was an act of revenge. Others posited that his aim was to donate the proceeds of his crime to alternative AIDS awareness programmes and trigger reforms in treating the disease.
The case highlighted the importance of being particularly careful with unknown disks and the effects of social engineering, as even the most legitimate-looking unsolicited software may not be what it seems.