Sunday March 20, 2016

A history of viruses

An example of an MS-DOS-based virus from the 90s, on display at the Malware Museum.

An example of an MS-DOS-based virus from the 90s, on display at the Malware Museum. (The Malware Museum)

Listen 9:36

Long before the Internet and portable hard drives, there were floppy disks. Square pieces of plastic that were a commonplace way to transport information from one user to another until about the mid 90s.

Along with useful data, the diskettes sometimes carried malware. These early viruses could cause bugs in your MS-DOS or encrypt all the information on your hard drive. But their primary purpose was disruption.

Computer security expert Mikko Hypp√∂nen, who's been studying viruses for over twenty years, says that early computer malware was a hobby, something young programmers did to show off to their friends and fellow coders in the community. Viruses made by certain programmers often contained recognizable signatures and incorporated bright colours, loud sounds and graphics into their bugs, because the creators wanted their work to be seen.   

Mikko has collected many of these viruses over the years, and he recently partnered up with Jason Scott from The Internet Archive to display the most interesting specimen in The Malware Museum. You can run over 80 different viruses on a DOS simulator right inside your browser - and don't worry, all the malicious parts of the code have been rendered harmless before being exhibited in the museum.

"You won't be able to infect your computer with any of the malware in the museum, but you can actually see what they looked like." Mikko told us. "For example, there is a famous virus that's called the Ambulance Car virus, which was spreading around 1990. Whenever it would infect computers, it would stay quiet for a week and then suddenly you'd have this animation of a white, black and red ambulance car driving across your screen with the ambulance car sound playing in the background."

MS DOS Ambulance virus1

(The Malware Museum)

As soon as money entered the picture, the art of programming viruses changed. It was no longer about showing off or seeing how far one viral piece of code would spread; instead, it was about the enormous amounts of money that could be stolen.

As the danger malware presented to the infected computer systems increased, the viruses also became less visible, sneakier. In order to keep logging keystrokes or pilfering sensitive data, the malware had to go unnoticed as long as possible. So everything that defined the viruses at the Malware Museum --the noises, the colours, the inside jokes-- became obsolete.

MS DOS Virus Example 2

(The Malware Museum)

But Mikko believes it's important for netizens to be familiar with viruses of the past: not just to reminisce about the lost art of virus programming, but also to learn about the evolution of our own interaction with data.

"I probably wasn't really appreciating them when I was analyzing these things twenty five years ago, but they are some kind of an art." Mikko explained. "They are visually interesting, and it's a very interesting look back at the early days of a problem that we still fighting today."