The beginning of the new millennium was marked by the rapid development of the Internet and a growing number of Internet users. At the same time, there was a sharp increase in the number of cyber attacks. Fortinet presents the further development of cybercrime, highlighting the first worms that spread without the need for user intervention.
History of cybercrime: from worms to phishing and ransomware
1999 was a time of growth for new companies in the high-tech industry (so-called dotcoms) and, at the same time, of fear of the Y2K failure. In Poland it is known as the millennium bug. This phenomenon caused widespread panic, as there were concerns that older computers would fail after December 31, 1999, due to a malfunction in the computer's BIOS, which controls the operation of the motherboard. Its creators had taken the risk of storing the current year using only the last two digits. This would result in a situation where, on January 1, 2000, the computer's operating system "thought" it was January 1, 1900. This would disrupt, for example, critical infrastructure: from gas pumps and elevators to power plants. In the end, Y2K turned out to be less of a problem than previously thought. As a result of global inspections carried out in 1999, most companies and individuals did not feel its effects. However, as Fortinet experts recall, fear of Y2K dominated news around the world for months.
1999/2000: The first botnet appears
In 2000, regular access to the Internet became increasingly popular. Home users and businesses could be online around the clock. This was an irresistible opportunity for cybercriminals, and thus the era of botnets and worms began.
A botnet is simply a group of infected computers under the control of an operator. In those years, botnets were very simple. The first botnet observed was EarthLink Spam, which debuted in 2000. Its task was simple: to send a large amount of spam. It was responsible for 25% of all junk mail at the time, a total of about 1.25 billion messages. Its operator, Khan C. Smith, was fined $25 million.
Earlier, in 1999, GTbot was created, and it became the first botnet in history. It was a very primitive tool. It spread to other devices and received commands through IRC channels. Its controllers used the network of infected devices to carry out DDoS (Distributed Denial-of-Service) attacks.
The growing popularity of worms
Worms are still part of the hacker's arsenal, although they are not as common as they were 20 years ago. They differ from viruses in that they do not require human intervention to spread. In the early 2000s, worm infections were usually quite noticeable, often making it impossible to use a device. Worms consumed more and more computing power, until the infected machine eventually stopped working. Their activity was used, among other things, to carry out DoS (denial-of-service) attacks. When the malicious code spread, for example, across a whole company, it disrupted the company's operations regardless of the intentions of the worm's creators.
2000: I LOVE YOU
The new millennium began with the media coverage of the record-breaking “I LOVE YOU” worm. It was created by Onel De Guzman, a student from the Philippines.
I LOVE YOU spread through many mechanisms. First of all, it was sent to users by e-mail with a malicious attachment called "LOVE-LETTER-FOR-YOU.txt.vbs". This method is still used by attackers today, for example by the authors of Emotet.
2003: Blaster (MSBlast, Lovesan)
By August 2003, many corporate and business users were already connected to the Internet using broadband. This led to record-breaking attacks by worms and similar tools. Blaster (also known as MSBlast and Lovesan) was released on August 11 of that year. Users were shocked when their computers suddenly started showing the Blue Screen of Death and restarting. They did not know at the time that their work was being interrupted by the Blaster worm. This was the first global denial-of-service attack.
Blaster was extremely destructive. It kept running even when the computer was restarted over and over: after each restart everything started again and caused the device to shut down once more. It used process vulnerabilities in Windows XP and 2003 to spread. Fortunately, the worm's author made a mistake and directed Blaster at the wrong domain. In fact, devices used the windowsupdate.microsoft.com domain to download updates.
The intentions of the Blaster authors were revealed in a message in the malware code:
I just want to say I LOVE YOU SAN !! Billy Gates, why do you do that? Stop earning money and fix your software!
Importantly, Blaster did not infect devices that had been patched before August 11. This example clearly shows how important it is to keep your devices up to date. Unfortunately, to this day many users ignore this rule.
It was the fastest-spreading email worm in history and remains the record holder to this day. It surpassed even the famous I LOVE YOU.