Each of us has encountered a computer virus at least once in a lifetime. And it is good if the pest is weak. A simple virus can easily be handled by an antivirus program. But more serious software, which is usually used by hackers, can cause irreparable damage to the entire system and personal data.
The concept
What is a computer virus, many know. But not everyone fully understands its role and capabilities. This type of malware can easily copy itself, penetrate the code of other applications, disrupt the performance of system memory structures and boot sectors, and spread through different communication channels.
Many inexperienced users believe that the task of the virus is to damage or delete personal data. In fact, this is not so. Of course, the types of computer viruses are different, but most often their main goal is the spread of malware. But the accompanying actions are just deleting information, damaging data elements, blocking functioning, and much more.
It is important to understand that a computer virus is not always controllable. Therefore, if the hacker did not want to create malicious elements, the software can still harm the system due to oversights that were made during development, and the OS and other applications simply may not register such errors.
Inexperienced users often call viruses any malware. This is not entirely correct, since specifically viruses are just a form of such software.
Birth
When specialists developed self-replicating programs, what is a computer virus - no one knew. But precisely such developments became the basis for its formation.
Before creating self-reproducing mechanisms, it was necessary to lay down the theory algorithms. This was done by John von Neumann. Already in 1951, he discovered ways to create such a program.
His idea was supported by many experts and began an active publication, which was devoted to the development of a self-reproducing system.
In one of the articles, the first mechanical design of this type was presented. So people were able to learn about a two-dimensional model of structures that could independently activate, capture and release.
Such a self-reproducing program was imperfect due to the fact that the virtual “creature” perished due to the lack of current supply to the platform.
Game without rules
Another attempt to develop the first computer viruses was the invention of an unusual puzzle called "Darwin." In the early 60s, scientists at an American company created a number of utilities that they called "organisms." Software had to be downloaded to the computer archives. The "organisms" that were formed by one player had to absorb the enemy "organisms" and take away their territory. The one who took all the memory or accumulated a greater number of points won.
Attempts
Many believe: mankind has learned what a computer virus is by the 70s of the XX century. But still it is impossible to name self-reproducing programs or games like "Darwin" viruses. The real "pests" became known much later and were much more influential and dangerous.
The very first computer virus was created in the early 80s. After that, the active development of malware began. As a result, along with Elk Cloner, the Joe Dellinger virus appears, the Dirty Dozen project, and then a number of antivirus utilities.
Richard Grant was the first to reveal the boot virus to the world. Elk Cloner was developed specifically for the Apple II. It was possible to find the “pest” right away when the system started: a message appeared with a small poem in which the virus threatened the user with the loss of personal files, disruption of system operation and the inability to delete.
John Dellinger begins his activities. He also developed a virus for Apple II. The specialist so wanted to be the first to miss one of the malware. She began to "creep" throughout the university. One of the sectors of memory analysis easily detected it. Although an ordinary user could not find this section in the system.
The John Dellinger virus suppressed the graphics of one famous puzzle. As a result, after half a month all the “pirated” versions were “broken”. To fix the error, the developer created another virus that fixed the previous version.
Development
By 1984, many experts began to understand what a computer virus is. The first research article was released, which raised the issues and problems of systemic infection. Despite the fact that the term was proposed by the curator of the author of the article, it is the researcher Cohen who is called the author of this term.
Defensive reaction
When many began to understand what a computer virus is, it turned out that there was a need to create system protection from it. The first antivirus program was the development of Andy Hopkins. Since 1984, a similar utility has been analyzing the text of the boot file, pointing to all the dubious elements of codes and notifications.
At one time, it turned out to be the simplest and most effective. The program could redirect the recording and formatting processes that occurred through the BIOS. At the same time, she allowed the user to intervene in the operation.
System disasters
By the end of the eighties, a cheap IBM PC was released. His appearance was the impetus for the development of larger viruses. Therefore, in a short period there were three major systemic disasters.
Brainstorming and Guest from Jerusalem
Naturally, computer virus epidemics did not happen before. Therefore, the fight against them was not easy. The first attack was due to the Brain virus, which was developed by two brothers back in 1986. And the very next year it was launched on all computers.
Now it’s hard to say how large the epidemic was. It is only known that the virus affected more than 18 thousand systems. As it turned out later, the brothers did not want to harm anyone. The virus was supposed to punish the "pirates" who stole the software. But something went wrong, and Brain touched not only Pakistan itself, but also users around the world. Many experts got acquainted with the first stealth virus, which changed the infected sector to its holistic original.
The pest known as Jerusalem is also associated with the Brain virus. In the late 80s, several companies and universities were affected by it. The virus instantly deleted data when it was activated. Later it became known that this is one of the largest pests that has affected users from Europe, America and the Middle East.
Error handling
The infection with computer viruses did not stop there. Soon, the world learned about the Morris worm. This was the first network pest to target a Unix attack. It was planned that the utility will get into the computer system and be saved there, without the possibility of detection. The author of the virus wanted to make it hidden and harmless, but everything went wrong. The reason for the self-propagation of the virus was the mistakes made during development.
The Morris worm epidemic had a major impact on the functionality of the systems. Later it turned out that the damage amounted to 96 million dollars. Although, if the author wanted to deliberately harm the operating system, the amount would be much larger.
Such an unsuccessful development led Morris to court, where he was assigned three years probation, sent to community service and forced to pay a "round" amount.
Virus series
Until experts began to understand the types of computer viruses, systemic epidemics occurred more and more often. So in 1989 DATACRIME became known. It was not just a virus, but a whole series. In just a few months, she managed to hit more than 100 thousand systems.
This problem could not pass by the programmers, and utilities were soon released that scanned lines specific to this virus.
When this series of virus programs was finished, the first “Trojan horse” called AIDS immediately appeared. So users learned about ransomware programs that blocked access to data on the hard drive and showed only information on the monitor. AIDS demanded $ 189 at a specific address. Naturally, many users paid the ransomware. But he was soon arrested, caught on cashing checks.
Classification
It turned out that knowing what a computer virus is is not enough. It was necessary to somehow distinguish between “pests” in order to develop protective utilities afterwards. In addition, the development of PC influenced the classification of computer viruses.
Malicious programs can now be classified according to the methods of "reproduction" and functionality. Before the widespread development of the Internet, viruses could be stored on floppy disks and other media. Now they are mainly transmitted through local and global networks. Along with this, their functionality has grown.
Unfortunately, a clear classification has not yet been developed. However, viruses can be divided into those that:
- have different methods of defeat;
- distributed by different mechanisms;
- harm operating systems;
- use special technologies;
- written in different languages;
- have additional malicious functionality.
Defeat methods
This includes the following types of computer viruses: file, boot, script, violating the source code, macro viruses.
For example, a file pest affects the computer file system for its “reproduction”. It is embedded in almost any executable document of the operating system. Usually, with his “victim”, he can choose binary files with the extension “.exe” or “.com”, he can affect a dynamic library, firewood or batch files.
Macrovirus usually "settles" in application packages such as Microsoft Office. With the help of macro languages, such “pests” can move from one file to another.
Infection mechanisms
In this group there are viruses that can parasitize, add themselves to the executable file. There is malware that overwrites and irreparably spoils information. Files that are presented as a separate document may also be included here.
Operating Systems
There are viruses that can infect any operating system. But not all malware is designed to “cooperate” with each platform. Therefore, hackers develop viruses for individual OS. This includes DOS, Windows, Linux, Unix, and many others.
Technology
The peculiarity of computer viruses is that they can use special technologies. For example, polymorphic viruses use a technique that lowers their detection rate. As a result, the simplest antivirus applications cannot detect the pest.
Stealth viruses translate as "invisible." Such software hides its presence in whole or in part. To do this, the virus intercepts calls to the OS.
This group includes rootkits. They can be represented by executable files, scripts, configuration documents. Their task is to provide camouflage of objects, to manage events that occur in the system, to collect data.
Computer viruses and antivirus programs
Since the advent of viruses and antiviruses, a lot of time has passed. In different years, special pests appeared, which were remembered all over the world due to their catastrophic influence.
For example, CIH is a virus that was dedicated to the tragedy at the Chernobyl nuclear power plant. At the time of activation, the "pest" paralyzed the operation of all systems. Nimida was the fastest virus that took a quarter of an hour to infect a million PCs.
Slammer was nicknamed the most aggressive because the virus deleted information from 75 thousand systems in just 10 minutes. Conficker is considered to be one of the most dangerous "pests". The worm attacked systems on Windows and in 3 months harmed 12 million computers.
In the 2000s, the ILOVEYOU virus was registered. Later, he got into the Guinness Book of Records, receiving the title of "The most destructive computer virus in the world." This worm hit 15 million computers, and the damage to the global economy, according to various estimates, amounted to 10-15 billion dollars.
Now virus attacks still occur, but powerful antivirus programs can sometimes cope with them. There is an international independent organization that analyzes the performance of protective utilities. AV-TEST presented a list of the best antivirus programs of 2017:
- Avira Antivirus Pro;
- Bitdefender Internet Security;
- Kaspersky Lab Internet Security;
- Norton Security
- Trend Micro Internet Security.
At the moment, these are the most efficient utilities. And although they are all paid, each has a trial period, as well as a relatively low annual cost.