The key to choosing the right IT services partner is flexibility and adaptability to your needs; every business needs something different from their hardware, software, networking and security, and the best tools for one company may not be optimal for another.
The world of information technology evolves in mysterious and unique ways; a computer setup can look standardised, even outright optimal, before everything changes in a way that causes business and technical experts to rush to adapt.
This was the case when it came to computer security and malware; whilst viruses have existed and been an issue since Brain in the 1980s, trojan horse viruses have existed since PC Cyborg and self-replicating worms since Morris in 1988, they had not been a huge concern for computer users.
Outside of Michaelangelo, the first prominent computer security panic, computer viruses were not a major concern for a lot of IT users who started to use computers following the rise of Windows 95 and the early internet.
However, in the late 1990s and early 2000s, this changed extremely quickly and transformed network security and data protection in the process.
The peak of this was a virus so prolific and so widespread that it slowed the entire internet by ten per cent, and its impact was so huge that no virus attack of that scale has happened since.
The Road To Mydoom
The late 1990s was a perfect storm for network vulnerabilities, as the most popular operating system, web browser and email programme were all by far the least secure.
The first virus to truly take advantage of this on a grand scale was Melissa in 1999, although it remains the subject of debate whether it was intended to spread so quickly.
It was the first virus to spread worldwide within hours of its initial discovery, thanks to taking advantage of a vulnerability in Microsoft Word at the time that allowed malicious code to be written in macro templates.
Following this, the infamous ILOVEYOU worm in 2000 used a very similar approach, allegedly as part of a protest against the high cost of internet access in the Philippines.
Finally, there was the Sobig worm family, which when it was first discovered in 2003 was considered to be the biggest and fastest growing viruses ever, according to a contemporary BBC News article.
Allegedly, the motivation was to use infected computers to send unwanted email messages to contact lists that were acquired by the virus, although this was ultimately never proven.
However, the epicentre of just five years of increasingly intense malware attacks was Mydoom, and it was so big that it changed everything.
Just Doing My Job
On 26th January 2004, Mydoom was first discovered in the wild, with users receiving an email that contained the single-line message “I’m just doing my job, nothing personal, sorry.”
It also had an attachment that, if launched, would infect the computer and send a deluge of emails to everyone on their contacts list.
Whilst not everyone was fooled, there were enough to make a serious and devastating impact on the internet, with one particular company, SCO Group, the prime target for this destruction.
Initially, it was believed that the virus was launched as a form of technological activism; SCO Group was part of a somewhat infamous series of legal disputes centred around the open source operating system Linux, and it was initially believed that Mydoom was launched to take down SCO’s website.
This was ultimately proven to be false, and whilst the actual author is not known, the motive is believed to be part of an organised online crime operation.
Regardless, it would eventually infect 50m computers and cause over £30b in damage, disruption and lost earnings. At one point, it even managed to take down the website Google, as well as Microsoft and over 60 major cybersecurity companies.
To this day, there are still some unsolicited emails that contain Mydoom, although it is far less effective now than it was.
What Lessons Were Learned?
There were a lot of computer security lessons learned from Mydoom, and the development of Windows Vista, as well as email software more broadly, fundamentally changed as a result of the worm’s effects.
The first change was that operating systems were designed to be distrustful of software that they did not recognise; this meant that malicious programs such as viruses could not be as easily launched on business computers.
This, alongside more robust spam filters and more active threat detection, meant that indiscriminate viruses such as Mydoom would struggle to have the same impact again.
In the decades since Mydoom, cybersecurity threats have become significantly more targeted, focusing on specific companies with particular goals beyond mass proliferation.