The 80s scene
The early years of the 1980s were marked by great technological advancements, particularly the release of the first integrated and powerful personal computers. Apple introduced the “Apple II” microcomputer in 1977, and by the early 80s it was one of the most popular personal computers for business users, families, and schools. In 1981, computing giant IBM purchased the license to distribute the DOS operating system for their PC machines from an obscure company called Microsoft. At that time, computing companies were popping up quickly. The early 80s saw numerous home computers for sale, such as the Commodore 64 (1982) and the Atari ST (1985).
It sounds funny now thinking of those “extraordinary” computers of 80s while sitting on a desk with a modern hyper-threading CPU, gigabytes of memory, and wireless connection. Still, the 80s were the years during which personal computers established their foothold in homes and offices. For the first time people start having concerns about computer security. In the 70s, movies only showed computers in science-fiction settings, such as on space ships in StarWars. However, in the 80s, movies showed computers in more realistic setting, with movies like WarGames (1983) that showed how a simple tic-tac-toe game could be extremely dangerous.
As computers became more affordable and more common, they led to the formation of local computer clubs, in which intelligent, motivated, and very curious young people would get together to explore the new technologies. Out of these clubs emerged the first hacking groups. The 414s was the first hacking group to gain public attention. During the 1980s, their intrusions into dozen of high-profile systems, including Los Alamos labs and some banks, earned them celebrity and notoriety. Other notable groups were the Chaos Computer Club (CCC) in Germany and Masters of Deception (MoD) in the USA. The growing prominence of these clubs, and a long series of computer intrusions performed by many of those hacking groups, eventually led the US government to pass the Computer Fraud and Abuse Act in 1986.
In 1982 researchers John Shoch and Jon Hupp of the Xerox Palo Alto Research Center (PARC) coined the term “worm” in their paper “The Worm Programs – Early Experience with a Distributed Computation.” The term “worm” was taken from the science-fiction novel “The Shockwave Rider” but the concept exposed in the paper was very similar to modern worms we’ve seen:
The basic model, however, remains a very provocative one: a program or a computation that can move from machine to machine, harnessing resources as needed, and replicating itself when necessary. [J. Shoch / J. Hupp]
Ironically the implementation of the first worm was made to improve CPU efficiency by finding idle machines on the network and assigning them tasks to do (a white-worm). Even at this early stage, researchers were facing about a key problem: controlling a worm (“No Mr Sullivan, we can’t stop it!”). The experiment in fact ended up with the researchers shutting down the infected machines affected by uncontrolled copies of the worm program.
The word “virus” appeared only a few years later, in Fred Cohen’s paper “Experiments with Computer Viruses” published in 1984. Fred credited in his paper also Len Adleman (the “A” letter of RSA) with coining the term “virus”.
We define a computer “virus” as a program that can “infect” other programs by modifying them to include a possibly evolved copy of itself. [Fred Cohen]
So, viruses and worms were born on papers in early 80s, but when exactly the first computer virus was spotted in the wild? Modern Apple users won’t want to hear it, but the first known virus was created to run on Apple II machines. The virus was a program called “Elk Cloner” and it was distributed with a game on a floppy disk. After the 49th execution of the game, the virus would display a poem message and infect the computer.
In 1986 the first PC virus called “(c)Brain” was created by two brothers from Pakistan in order deter pirated copies of software they invented. The virus changed the label of 360 KB floppy disks to “(c)Brain” and included the following text in the boot sector:
Welcome to the Dungeon (c) 1986 Brain & Amjads (pvt) Ltd VIRUS_SHOE RECORD V9.0 Dedicated to the dynamic memories of millions of viruses who are no longer with us today - Thanks GOODNESS!! BEWARE OF THE er..VIRUS : this program is catching program follows after these messages....$#@%$@!!
Brain was quickly followed by Lehigh virus in US, Stoned in New Zealand and Ping Pong in Italy in 1987. Cascade and Jerusalem make their rounds on 1988 and introduce file infector virus using self-encrypting code. The modern computer virus age has officially begun.
The 80s ended with the first network incident of computer history: the Morris worm outbreak. On the evening of 2 November 1988, a strange program was launched from a VAX workstation at MIT labs. The program quickly begun to attack other machines that were connected to the same network and infected them one after one. The infection spread from Santa Monica to Berkeley University Unix servers up to the University of Utah and also infected NASA machines.
The author of this code, Robert T. Morris, was only 22 years old when he was sentenced to 3 years probation and a $10,000 fine. His original intent, according to him, was to gauge the size of Internet but he didn’t consider a design flaw in the worm code which allowed the worm to re-infect machines already infected.
So, that is a brief overview of the 1980s computer security scene. In subsequent blogs in this series, other Symantec bloggers will explore some of these issues in greater depth, particularly the first viruses and the first hacker clubs.
For more on Symantec's 25th anniversary, click here.