Nobody is rolling out the cake and bubbly to celebrate it, but this year marks the 50th anniversary of what’s widely considered the first computer virus: Creeper.
Other than causing some printer malfunctions and displaying the message “I’m the creeper, catch me if you can” on computer screens, Creeper was a harmless self-replicating computer program. In fact, it deleted prior versions of itself as it moved from one computer to another.
Today, of course, viruses and other cyber threats are a global, multi-trillion-dollar problem. They can not only compromise computers and data, but also cause physical damage and bring down critical infrastructure.
To understand how we got here, it’s worth looking back to cybersecurity’s origins. Knowing how cyber threats emerged and evolved in the past can help you be mindful of how they might change in the future, so you can protect your business.
The dawn of cybersecurity
Creeper was created in 1971 at BBN Technologies. The program spread on computers that were connected on ARPANET, a precursor to the internet.
It wasn’t until a decade later that we encountered viruses that could spread in the wild. The first known example of such was Elk Cloner, another harmless virus that spread to Apple II computers from infected floppy discs.
Then came the viruses that did damage. PC-Write Trojan, for example, arrived in 1986. It was an early trojan virus that erased all of a user’s files on a system. The Morris Worm debuted in 1988 and was reportedly created for an innocent purpose: to measure the size of the internet. But it replicated so aggressively that it slowed the internet to a crawl.
Meanwhile, it wasn’t only viruses that threatened computer security in these early days.
Known threats also included malicious insiders who were reading documents they shouldn't. Outsiders were also finding ways to hack into systems to access sensitive information. For example, German hacker Marcus Hess in 1986 piggybacked onto U.S. government networks and hacked 400 military computers.
Countermeasures take shape
Creeper was more than the first computer virus. It also spawned the creation of the first antivirus software, Reaper, to chase and delete Creeper.
Security solutions began appearing in the ’80s as malicious viruses appeared, but the early ’90s saw an explosion of anti-virus scanners. These products scanned all the binaries on a given system and tested them against a database of "signatures."
These early attempts to combat malware faced two issues that were never entirely solved: false positives and intensive resource use. At the same time, the number of malware samples being produced exploded, from tens of thousands of known instances in the early ’90s to millions of new samples every year the next decade.
This surge in malware, combined with other threats like phishing, hacking and insider activities as well as a greater reliance on connectivity to do business, have given rise to a cybersecurity market that’s expected to reach $150 billion this year.
Coordinated efforts by governments, academia and industry to stay on top of changing threats have also evolved. For example, the Morris Worm led to the creation of the first Computer Emergency Response Team (CERT). Today, governmental organizations like ICS-CERT, standards bodies like ISA and IEC, and coalitions like the ISA Global Cybersecurity Alliance are all working to combat threats – and that’s just in the industrial sector.
Staying ahead of changing threats
If history teaches us anything, it’s that cyber threats aren’t static. They’re only going to continue to grow and evolve. The challenge for you is to be equally nimble in how you manage risk.
This is why a robust cybersecurity approach is so critical. No single silver-bullet solution exists. Protecting your business requires a multi-layered defense strategy that combats known threats and actively watches for suspicious activity to help keep you safe from the many unknown ones.