- Brian, the first PC virus, is created. The boot virus originates in Pakistan.
- First file virus, Virdem, is discovered, originating in Germany.
- The IBM Christmas Worm strikes, replicating at up to 500,000 times per hour on mainframes. Fastest-spreading virus seen at that time.
- The Lehigh virus, the first command.com infector, wipes out 500 system disks at Lehigh University.
- Robert Morris Internet Worm spreads to 6,000 computers, 10 percent of all computers on the Internet. Internet traffic is crippled. CERT is formed in response.
- AT&Ts long-distance telephone switching system crashes. Investigators suspect hackers.
- Michaelangelo virus is set to trigger on March 6 and predicted to cause widespread damage. A few hundred systems are hit amid panic.
- Hackers break in to a computer at Griffith Air Force Base. They also penetrate the Korean Atomic Research Institute, NASA, the Goddard Space Center and the Jet Propulsion Laboratory.
- On Thanksgiving, the “Internet Liberation Front” wreaks havoc and mayhem for GE, IBM, Pipeline and others by hacking into their computer systems.
- First Word macro virus, Concept, infects Microsoft Word documents.
- Defense Department computer files come under attack 250,000 times. About 65 percent of the attempts are successful.
- First Microsoft Access macro viruses found.
- First AOL Trojans designed to steal from America Online users are unleashed by the spamming of AOL e-mail addresses with Trojans.
- Hackers alter the New York Times Web site in protest of the arrest and imprisonment of Kevin Mitnick. They rename the Web site HFG, or “Hacking for Girls.”
- W97.M.Melissa spreads rapidly worldwide. The virus infects Word documents and e-mails itself to everyone in the Outlook address book. Thousands of e-mail servers are shut down.
- W32.Funlove.4099 is discovered. The worm utilizes a known Microsoft Outlook Express security hole so that a viral file is created on the system without having to run any attachment.
- Classified computer systems at Kelly Air Force Base come under attack by hackers from locations around the world.
- U.S. Information Agency Web site is hacked for the second time in six months. The attacker breaks through the agencys Internet security and damages the hard drive.
- VBS.LoveLetter is discovered and spreads to Internet chat rooms using mIRC. The worm overwrites files on local and remote drives and tries to download a password-stealing Trojan horse program from a Web site.
- Palm.Liberty.A, the first Trojan horse for Palm OS, is discovered.
- Denial-of-service attacks on eBay, eTrade, Ziff Davis, Buy.com and CNN.com shut down sites for hours.
- In July, one month after Microsoft announced a vulnerability in Internet Information Server 4.0 and Internet Information Services 5.0, Code Red, self-propagating malicious code, is released and begins to exploit IIS-enabled systems. In early August, the Code Red II worm, exploiting the same vulnerability, appears.
- On July 25, W32/Sircam Malicious Code appears, spreading through e-mail and unprotected network shares. The code affects both the infected computer as well as all those in its e-mail address book.
- The W32/Nimda worm, taking advantage of back doors left behind by the Code Red II worm, is the first to propagate itself via several methods, including e-mail, network shares and an infected Web site. The worm spreads from client to Web server by scanning for back doors.
Sources: Symantec Corp., CERT, eWEEK reporting
Also in this Special Report
- Ignorance: The Hackers Best Friend
- Security Roundtable
- Here Be Dragons: Web Services Risks
- Threats to Come
- Community Builds Security: Labs Answers Your Security Questions
- WLAN Hardening Checklist
- Application Hardening Checklist
- Operating System Hardening Tips