“In cybersecurity, the only constant is change. The bad guys are always adapting, so we must always be prepared to adapt as well.”
– Kemba Walden, Cybersecurity Executive, Microsoft
You must have heard about the increasing number of sophisticated cyber attacks these days. Last year alone, there were over 6 billion malware attacks worldwide, which is about 190,000 attacks per second. (Exploding Topics: How many cyber attacks occur each day?)
These statistics are truly shocking and raise various questions: “Why has this sudden surge been observed in recent years?” and “Is there anything that companies are doing to prevent such attacks, or how do these cyberattackers bypass the security measures?”
Whenever the defense line is breached, the cybersecurity community works on even bigger and more secure systems. This is how the evolution in the complexity and scale of malware attacks contributes to enhanced cyber defense.
In this article, I will walk you through the history of malware attacks and tell you how they played a role in digital security systems and will continue to do so in the future.
The Morris Worm: A Warning from the Early Days of the Internet
Let’s start with a worm that introduced itself in the early days of computing and crawled through the Unix operating system. It was not a real worm, but it didn’t take long for the Morris worm to spread across the early internet, just like a real one. At that time, roughly 60,000 systems were connected, and according to Private Internet Access (PIA), 6,000 of them got infected with it.
The huge impact of this small worm compelled the U.S. Department of Defense security to create the Computer Engineering Defense Team (CERT) to improve the coordination of digital threat responses.
This virus exploited not only security vulnerabilities but human emotions as well. Imagine you receive an email with “ILOVEYOU” as the subject line. There is an enormous possibility that your curiosity will get the better of you, and you’ll open that email without a second thought.
This is exactly what happened to people in May 2000. Just 10 days after its release, it had reached 45 million people and proved to be a costly love letter, causing approximately USD 10 billion in damages.
This contributed not only to technical improvements such as better email attachment screening, but also to user education programs on phishing and email safety.
FUN FACT
The ‘ILOVEYOU’ bug’s creator was traced back to a Filipino student who was initially trying to impress a girl.
Another worm, but this one was much stronger than the Morris worm. This self-replicating malware spread across hundreds and thousands of systems within hours of its release.
The major targets of the Code Red worm included the White House’s official websites. It would launch denial of service (DoS) attacks and then wait for further instructions or spread to other networks.
Before the Code Red worm attack, the potential of self-replicating viruses was unknown to the security systems. It led to innovation in several critical areas such as patch management, network segmentation, and behavioral detection, and also highlighted the importance of firewalls in defense.
Sasser Worm: A Call for Proactive Patch Management
In 2004, another attack shocked the world by being the first worm that spread through unpatched systems on the internet. It exploited vulnerabilities in the Microsoft Windows Local Authority Subsystem Services (LSASS) and affected many versions of Windows.
The major weakness it highlighted was the danger of delaying patching, and how that delay invites malware to directly impact a company’s bottom line.
This attack affected over 200,000 computers located in 150 different countries. It highlighted the issue of data management in critical infrastructures such as healthcare. You’ll be surprised to know that this even impacted big names such as the UK’s National Health Service (NHS), FedEx, and Nissan.
WannaCry sparked the global discussion on ransomware protection and regulations to minimize its impact, such as timely software updates, patch management, and regular data backups.
You might remember seeing headlines about this highly sophisticated supply chain attack. Imagine you download a legitimate software update and get malware known as Sunburst for free with it. Sounds frustrating and weird, right?
But this is exactly what happened in 2020. The hackers infiltrated SolarWinds’s Orion software update, which compromised more than 18,000 organizations, including some major U.S. agencies.
This incident brought supply chain attacks to light and highlighted how important vendor selection and monitoring processes are for safeguarding networks.
I told you about the various steps taken by the online defense systems to tackle the concerning issues at the time of each attack, but it does not end there. These attacks still play and will continue to play a major role in shaping cyber defense systems.
Want to know how? The following five points will answer this question.
Training your employees will help ensure that they are equipped with the knowledge to recognize and avoid potential threats.
DO YOU KNOW?
Around 1.2 billion malicious programs and potentially unwanted applications (PUA) are currently in existence.
Figure: Total amount of malware and PUA (by year).
The digital defense systems were not always as intelligent and efficient as we know them today. From the six cyber attacks I discussed with you in this article, I think you must have understood how each event turned into a lesson for the cybersecurity defense systems and helped enhance the overall landscape.
As the attacks evolve, the defense systems will follow through and always try to gain an edge and remain a step or two ahead of the potential risks. Also, with the integration of new technologies, the future of digital security solutions is certain to be remarkable.