Trail of Destruction: The History of the Virus
Brian, the first PC virus, is created. The boot virus originates in Pakistan.
First file virus, Virdem, is discovered, originating in Germany.
The IBM Christmas Worm strikes, replicating at up to 500,000 times per hour on mainframes. Fastest-spreading virus seen at that time.
The Lehigh virus, the first command.com infector, wipes out 500 system disks at Lehigh University.
Robert Morris Internet Worm spreads to 6,000 computers, 10 percent of all computers on the Internet. Internet traffic is crippled. CERT is formed in response.
AT&Ts long-distance telephone switching system crashes. Investigators suspect hackers.
1992 Michaelangelo virus is set to trigger on March 6 and predicted to cause widespread damage. A few hundred systems are hit amid panic.
Hackers break in to a computer at Griffith Air Force Base. They also penetrate the Korean Atomic Research Institute, NASA, the Goddard Space Center and the Jet Propulsion Laboratory.
On Thanksgiving, the "Internet Liberation Front" wreaks havoc and mayhem for GE, IBM, Pipeline and others by hacking into their computer systems.
First Word macro virus, Concept, infects Microsoft Word documents.
Defense Department computer files come under attack 250,000 times. About 65 percent of the attempts are successful.
First Microsoft Access macro viruses found.
First AOL Trojans designed to steal from America Online users are unleashed by the spamming of AOL e-mail addresses with Trojans.
Hackers alter the New York Times Web site in protest of the arrest and imprisonment of Kevin Mitnick. They rename the Web site HFG, or "Hacking for Girls."
W97.M.Melissa spreads rapidly worldwide. The virus infects Word documents and e-mails itself to everyone in the Outlook address book. Thousands of e-mail servers are shut down.
W32.Funlove.4099 is discovered. The worm utilizes a known Microsoft Outlook Express security hole so that a viral file is created on the system without having to run any attachment.
Classified computer systems at Kelly Air Force Base come under attack by hackers from locations around the world.
U.S. Information Agency Web site is hacked for the second time in six months. The attacker breaks through the agencys Internet security and damages the hard drive.
VBS.LoveLetter is discovered and spreads to Internet chat rooms using mIRC. The worm overwrites files on local and remote drives and tries to download a password-stealing Trojan horse program from a Web site.
Palm.Liberty.A, the first Trojan horse for Palm OS, is discovered.
Denial-of-service attacks on eBay, eTrade, Ziff Davis, Buy.com and CNN.com shut down sites for hours.
In July, one month after Microsoft announced a vulnerability in Internet Information Server 4.0 and Internet Information Services 5.0, Code Red, self-propagating malicious code, is released and begins to exploit IIS-enabled systems. In early August, the Code Red II worm, exploiting the same vulnerability, appears.
On July 25, W32/Sircam Malicious Code appears, spreading through e-mail and unprotected network shares. The code affects both the infected computer as well as all those in its e-mail address book.
The W32/Nimda worm, taking advantage of back doors left behind by the Code Red II worm, is the first to propagate itself via several methods, including e-mail, network shares and an infected Web site. The worm spreads from client to Web server by scanning for back doors.
Sources: Symantec Corp., CERT, eWEEK reporting
Also in this Special Report
Ignorance: The Hackers Best Friend
Here Be Dragons: Web Services Risks
Threats to Come
Community Builds Security: Labs Answers Your Security Questions
WLAN Hardening Checklist
Application Hardening Checklist
Operating System Hardening Tips