Malware: Understanding the enemy

Today, malware is everywhere. Spreading across the web and infecting desktops, mobiles and tablets, it is the modern, cyber equivalent of the plague.

So how did we arrive at this place? A place where it’s estimated that, in 2015 alone, close to half a billion types of malware have been identified – that’s 1.4 million types each day and seven million a week – staggering numbers when put into perspective.

Much of this malware is designed and distributed through a complex ecosystem of organised crime, out to attack innocent victims and profit from ordinary people’s lack of knowledge of how to protect themselves online.

Well, to understand the present, you have to understand the past.

The beginning

The PC was just six years young when the first virus was written. Elk Cloner infected the Apple II operating system. Once it skulked onto a computer it cloned itself, copying itself onto each new disk inserted into the system, and culminating in a poem about ‘infiltrating chips’ and ‘sticking to you like glue’. Pretty sweet and innocent by today's standards.

‘Hacking’ mirrored the culture of the era. It was easy, mainly because organisations of the time paid almost no attention to cybersecurity. It was more of a hobby than anything else, and it fitted the image of an adolescent holed up in his parents’ garage, tapping away on his Xerox Star. Hacking was more about vandalism than financial gain back then.

However, the opportunity was there and it didn’t take long for it to be exploited. By the Nineties, malware had become more cunning and, crucially, better able to evade detection. Its ability to spread also increased – thanks mostly to the advent of the Internet. The teenagers larking about in their garages had turned into the web’s bad guys, and they were here to stay.

The turning point

As the clocks struck midnight on January 1st 2000, a lot of people were expecting a major technological crash. When it didn’t happen, people rejoiced – what they didn’t know is that the new millennium had something far more sinister up its sleeve.

The ‘I Love You Virus’, malware written by two young Filipino programmers, Reonel Ramones and Onel de Guzman, spread like wildfire across the world in a matter of hours. Infecting email programs, it overwrote millions of files on computers and cost the US government $5.5 billion to clean up. TIME magazine dedicated its front page to the virus, advising people how to stay safe. Bill Gates was forced to defend his Windows OS – which bore the brunt of infections.

Viruses evolved and spyware rose to prominence as the Noughties rolled on. As the world of publishing grappled with how to make money in a changing world, advertising toolbars became happy hunting grounds for hackers, who stole monetary details and examined browsing habits – often from thousands of miles away.

All grown up

As with all clever inventions, malware’s potential as a big money-spinner naturally led it into the hands of organised crime syndicates. Today these operate across the world, from the humid buildings of Southeast Asia to the sub-zero office blocks of Eastern Europe, where new banking Trojans and new exploit kits are being developed at a ferocious pace.

However, it’s no longer in the basements and garages of yesteryear that these malicious programs are being written. Much of the malware we see today comes from proper companies set up to create it for profit. These often work 9-5 and have marketing departments to publicise their code – not on billboards but in underground forums. These businesses have established distribution channels, sales reps, and even customer service centres.

The fight continues

The malware game has become so complex and so lucrative that the war against it shows little sign of letting up. It’s a case of slamming doors – no sooner has one been firmly shut than another opens to reveal a new type. Many of these scammers are harder to track, and ultimately to block, given their locations in nooks and crannies across the world, not to mention the lack of laws in place to bring them to book.

As a collective, the organisations and law enforcement agencies around the world that are committed to fighting cybercrime need to ensure we are evolving as fast as the criminals. It’s imperative that we stay at the cutting edge of the most dangerous malware scams so that we stop the very worst of them succeeding; more than that, we must take these attacks seriously.

Sun Tzu, one of Ancient China’s most famous generals, once said: ‘To know your enemy, you must become your enemy’. While turning into malware writers and cyber crooks is not the answer, learning how these organisations operate, and what their aims and targets are, is vital to defeating them.

Crooks are never short of opportunity – it’s up to all of us to ensure they don’t succeed.

Mark Patton, VP Engineering, Malwarebytes

Image Credit: Shutterstock / CobraCZ