A Short History of Computer Viruses and Attacks
by Al Qaeda Feared (The Washington Post, Jun 27, 2002)
Pushing Cybersecurity Insurance (TechNews.com, Jun 27, 2002)
Documents and Resources On The Web (TechNews.com, Jun 26, 2002)
The U.S. Government and Cybersecurity (TechNews.com, Jun 26, 2002)
in U.S. Government's Cybersecurity Efforts (TechNews.com, Jun 26, 2002)
Compiled by Brian Krebs
washingtonpost.com Staff Writer
Wednesday, September 18, 2002; 12:00 AM
1945: A moth is found trapped between relays in a computer operated by the U.S.
Navy. From then on, problems with computers are referred to as "bugs," and the
process of removing them is called "debugging."
1949: Hungarian scientist John von Neumann (1903-1957) devises the theory of
1960: AT&T introduces its Dataphone, the first commercial modem.
1963: Programmers develop the American Standard Code for Information Interchange
(ASCII), a simple computer language that allows machines produced by different
manufacturers to exchange data. 1969: Programmers at AT&T's Bell Laboratories
develop the UNIX operating system, the first multi-tasking operating system.
1969: The Advanced Research Projects Agency launches ARPANET, an early wide area
network used by government research groups and universities. The network serves as the
test bed for the development of communication protocols that will lead to the creation of
1972: Future Apple Computer co-founder Steve Wozniak builds his "blue
box," a tone generator that allows him to make free long-distance phone calls.
Wozniak sells the device to fellow University of California-Berkeley students, eventually
spawning a generation of so-called "phone freaks," or "phreakers,"
some of the earliest "hackers."
1974: Telenet, a commercial version of ARPANET, debuts.
1979: Engineers at Xerox Palo Alto Research Center discover the computer
"worm," a short program originally designed to scour a network for idle
processors. Designed to provide more efficient use of computers, the "worm" is
the ancestor of modern worms, or destructive computer viruses capable of altering or
erasing data on computers and often leaving infected files irretrievably corrupted.
1983: Pursuing a doctorate in electrical engineering from the University of
Southern California, student Fred Cohen coins the term "computer virus," to
describe a computer program that can "affect other computer programs by modifying
them in such a way as to include a (possibly evolved) copy of itself." Anti-virus
makers later capitalize on Cohen's research on virus defense techniques.
1984: In his book, "Neuromancer," author William Gibson coins the term
"cyberspace," a word he used to describe the network of computers through which
characters in his futuristic novels traveled.
1986: One of the first PC viruses ever created, "The Brain" is
released by programmers in Pakistan.
1988: Twenty-three-year-old programmer Robert Morris unleashes a worm that that
invades ARPANET computers. The small program disables roughly 6,000 computers hooked to
the network by flooding their memory banks with reproduced copies of itself. Morris
confesses to creating the worm out of sheer boredom and is fined $10,000 and sentenced to
three years' probation.
1991: Symantec launches its "Norton Antivirus" program.
1991: Programmer Philip Zimmerman releases "Pretty Good Privacy"
(PGP), a free and powerful data-encryption tool. The U.S. government begins a three-year
criminal investigation on Zimmerman, alleging he broke U.S. encryption laws after his
program spread rapidly around the globe. The government later dropped the charges.
1994: Inexperienced e-mail users dutifully forward an e-mail warning people not
to open any message with the phrase "Good Times" in the subject line. The
missive, which warns of a virus with the power to erase a recipient's hard drive,
demonstrates the self-replicating power of the e-mail virus hoax that circulates in
different forms today.
1998: Intruders infiltrate and take control of more than 500 military,
government and private sector computer systems. The incidents -- dubbed "Solar
Sunrise" after the well-known vulnerabilities in computers run on the Sun Solaris
operating system -- were thought to have originated from operatives in Iraq. Investigators
later learn that two California teenagers were behind the attacks. Nevertheless, the
experience gives the Defense Department its first taste of what hostile adversaries with
greater skills and resources would be able to do to the nation's command and control
center, particularly if used in tandem with physical attacks on key pressure points.
1999: The infamous "Melissa" virus infects thousands of computers
worldwide with alarming speed, causing an estimated $80 million in damage and prompting
record sales of antivirus products. The virus executes a program that sends copies of
itself to the first 50 names listed in the recipient's address book. The virus also
infects other Microsoft Word documents on the user's hard drive, mailing them out in the
same fashion as attachments.
2000: The "I Love You" virus infects millions of computers virtually
overnight, using a method similar to the Melissa virus. The virus also sends passwords and
usernames stored on infected computers back to the virus' author. Authorities trace the
virus to a young Filipino computer student, but the Philippine government cannot prosecute
him because the country has no laws against hacking and spreading computer viruses. The
incident highlights the need for more global cooperation in prosecuting computer crime,
many lawmakers and experts say. This spurs the creation of the European Union's global
2000: Yahoo, E-bay, Amazon, Datek and dozens of other high-profile Web sites are
knocked offline for up to several hours following a series of so-called "distributed
denial-of-service attacks." Investigators later discover that the DDOS attacks - in
which a target system is disabled by a flood of traffic from thousands of computers
simultaneously - were orchestrated when the hackers co-opted powerful computers at the
University of California-Santa Barbara.
2001: The "Anna Kournikova" virus, promising digital pictures of the
young tennis star, mails itself to every person listed in the victim's Microsoft Outlook
address book. This relatively benign virus frightened computer security analysts, who
believe it was written using a software "toolkit" that allows even the most
inexperienced programmer to create their own computer virus.
2001: The Code Red and Code Red II viruses or "worms," infect tens of
thousands of systems running Microsoft Windows NT and Windows 2000 server software,
causing an estimated $2 billion in damages.
2001: Debuting just days after the Sept. 11 attacks, the "Nimda" virus
infects hundreds of thousands of computers around the world. The virus is considered the
most sophisticated to surface in the wild, employing up to five different methods of
infecting systems and replicating itself. Attention given to the virus is eclipsed by
coverage of the Sept. 11 attacks. The virus continues to infect computers, albeit at a
much slower pace.
2001: In the wake of the Sept. 11 terrorist attacks, President Bush appoints
Richard Clarke to serve as America's first cybersecurity czar.
2002: Melissa virus author David L. Smith, 33, is sentenced to 20 months in