Digital epidemics
It is worth saying that computer viruses are just one type of malware. In fact, classical viruses are not that widespread: many well-known cyberattacks were caused by computer worms, which are more contagious and independent. In this article we will talk about the differences between viruses and worms, as well as the large-scale computer pandemics that have gone down in history.

Virus or worm? Let's figure out what is what

A virus spreads when the software or document to which it is attached is transferred from one computer to another. Transfer methods: shared network or disk, email, social networks and messengers, shared files.

Computer worms are similar to viruses in that they create functional copies of themselves, but unlike viruses, which require the distribution of an infected host file, worms are autonomous and do not require the participation of a person or a host program. To spread, a worm either uses a vulnerability in the target system or deceives the user into launching it. This malware also uses the system's file and information transfer functions to move without assistance. More advanced worms use encryption, cleanup, and ransomware technologies.

The first viruses

And the first computer worm Reaper was developed as an antivirus, which was supposed to remove the Creeper program.

The most high-profile epidemics

The Morris Worm

Initially, the worm was conceived as harmless, but it proved to be more destructive on the network than planned. Morris' coding error, which instructed the worm to copy itself regardless of the infection status of the computer, turned the worm from a potentially harmless computational exercise into a denial-of-service attack. Morris himself became the first person in history to be convicted under the Computer Fraud Act.

I LOVE YOU

Within 10 days, 45 million cases of infection were registered.
It is believed that at least 10% of the world's computers connected to the Internet were affected by this virus. Many large corporations decided to completely disable their mail systems to protect themselves. At the time, it was one of the largest computer disasters. The worm caused almost $15 billion in damage.

Mydoom

Mydoom was distributed mainly by email. The worm collected addresses from infected machines and sent copies of itself to those addresses. It is also known that the virus connected infected machines to a botnet (a network of other infected computers), which carried out distributed denial-of-service (DDoS) attacks. These attacks targeted certain websites or servers (for example, a large-scale attack on Google in July 2004 completely stopped the search engine). Also in 2004, from February 1 to February 12, Mydoom conducted a DDoS attack on the Microsoft website.

The worm contained the text message "andy; I'm just doing my job, nothing personal, sorry", which suggests that the creator of the worm was paid. Despite the announced reward of $250,000 for any information about the creator of the worm, the developer of this dangerous malware has not been found.

Mydoom exists today, generating about 1% of all phishing emails. This is quite a lot, considering that 3.4 billion phishing emails are sent daily.

WannaCry

In 2017, WannaCry infected victims' computers using a vulnerability in version 1 of the Microsoft SMB file sharing protocol. To infect a system, WannaCry used EternalBlue, a publicly available exploit for this vulnerability. WannaCry then scanned the network to find other devices with the same unpatched vulnerability. As soon as it found a new victim, it installed itself on the new device and repeated the process.

WannaCry spread to systems in 150 countries around the world, infecting 10,000 computers every hour. Russia, Ukraine, India and Taiwan suffered the most.
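The network scanning described above leaves a trace defenders can look for: one host opening SMB connections to many distinct addresses in a short time. The following detection sketch is an added example, not part of the original article; the flow-record format, window length and threshold are assumptions, and the sample records are constructed.

```python
from collections import defaultdict

SMB_PORT = 445
WINDOW_SECONDS = 60      # assumed sliding-window length
FANOUT_THRESHOLD = 20    # assumed: distinct SMB peers per window treated as abnormal

def parse_flow(line):
    """Parse 'epoch_seconds src dst dst_port' (constructed record format)."""
    ts, src, dst, port = line.split()
    return float(ts), src, dst, int(port)

def smb_fanout_alerts(lines, window=WINDOW_SECONDS, threshold=FANOUT_THRESHOLD):
    """Return {src: max distinct SMB destinations in any window} for sources
    that reach the threshold. Input records must be sorted by time."""
    recent = defaultdict(list)   # src -> [(ts, dst)] still inside the window
    worst = {}
    for line in lines:
        ts, src, dst, port = parse_flow(line)
        if port != SMB_PORT:
            continue
        events = recent[src]
        events.append((ts, dst))
        # Drop events that have aged out of the sliding window.
        while events and events[0][0] <= ts - window:
            events.pop(0)
        distinct = len({d for _, d in events})
        if distinct >= threshold:
            worst[src] = max(worst.get(src, 0), distinct)
    return worst

def sample_flows():
    """Constructed flow records: a normal client, a sweeping host, HTTPS noise."""
    flows = []
    # 10.0.0.5 talks to the same two file servers repeatedly: normal SMB use.
    for i in range(30):
        flows.append((i * 2.0, "10.0.0.5", f"10.0.1.{1 + i % 2}", 445))
    # 10.0.0.77 sweeps 40 addresses on port 445 within 20 seconds.
    for i in range(40):
        flows.append((5.0 + i * 0.5, "10.0.0.77", f"10.0.2.{i + 1}", 445))
    # 10.0.0.9 contacts many hosts, but over HTTPS, so it is ignored.
    for i in range(40):
        flows.append((i * 1.0, "10.0.0.9", f"10.0.3.{i + 1}", 443))
    flows.sort()
    return [f"{ts} {src} {dst} {port}" for ts, src, dst, port in flows]

if __name__ == "__main__":
    for src, count in smb_fanout_alerts(sample_flows()).items():
        print(f"ALERT {src}: {count} distinct SMB destinations in {WINDOW_SECONDS}s")
```

The threshold has to be tuned per network, since file servers and backup hosts legitimately talk SMB to many peers.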
The attack affected many large companies, among them Telefónica, FedEx and Deutsche Bahn. Nissan and Renault stopped production. National Health Service hospitals in England and Scotland were affected (70,000 devices were affected, including computers, MRI scanners and blood storage refrigerators; medical services were forced to abandon emergency care in non-critical situations, and some ambulances were diverted). In Russia, the attack affected the Ministry of Internal Affairs, Rosneft, Russian Railways, Sberbank and MegaFon. The total damage from WannaCry amounted to $1 billion.

Conclusion

The methods of delivery of malware have also changed. Today, not only e-mail, but also all kinds of messengers, social networks and vulnerable IoT devices give attackers the opportunity to roam. However, it is fair to note that mail remains the most common malware delivery channel.
13-03-2022, 13:26