Trivia Tuesday: Security Nightmares

There's nothing worse than malware, whether it's a virus, a trojan, or just a misbehaving cookie. Yet with all the carnage they've caused, there was a time when most of your worst security nightmares were science fiction, the domain of theoretical science, or just a harmless prank from AOL. Boy, have things changed...

Phishing scams: Phishing is one of the oldest and simplest tricks in the book. It’s also one of the most effective, since it doesn’t depend on any fancy coding tricks to burrow into your OS, or even getting you to install malicious software. Anyone who’s spent 15 minutes online has seen it – cybercriminals ‘baiting’ their prey with everything from poorly worded spam emails to spoofed websites that could fool a pro, hoping to steal as much information as they can, or just earn a quick buck.

The Nigerian 419 scam is older than Nigeria itself. Actually, it's been around since the 19th century (the 1588 date given by some sources is probably poppycock), when scammers posed as political prisoners of Spain in an attempt to separate their would-be victims from their hard earned cash

Phishing is probably as old as the internet itself, and even older if you count its spiritual predecessors. Like almost any crime, it’s a little hard to trace it down to its origins, but phishing probably started out as a fairly benign prank, a trend you’ll start to notice is pretty common in the cybersecurity field. Regardless, it’s been pretty successful at its malevolent task, and at being a real PITA for the rest of us.

Viral Shock: Believe it or not, for the first 30 or 40 years of computing, viruses were strictly the domain of science fiction (the term supposedly originates from David Gerrold’s When HARLIE Was One). The first computer virus to attack outside of a controlled environment was a fairly harmless little program (there’s that trend again) called Elk Cloner (the program with a personality!) that infected Apple II computers through infected floppy disks - this was in 1982, by the way, so it was pretty cutting edge. Lots of folks were still using cassettes in those days.

If you think DRM is bad, be glad that you (hopefully) weren't around for (C)Brain, a DOS virus written by two Pakistani developers to punish anyone dumb enough to pirate their software

The real nightmare started in the ‘90s. As you can imagine, the damage caused by viruses that relied on floppies for transmission was fairly minimal, but the internet opened the floodgates on an unsuspecting world. Some of the most horrifying threats turned out to be a lot of hot air (cough Michelangelo cough), while others, like CIH, turned thousands of computers into coffee tables. And it wasn’t just Windows PCs that were hit; viruses like INIT 1984 and SevenDust hit Macs, while Bliss and Staog took Linux head on.

Trustworthy Computing: In 2002, seeing the damage that was being done to their users and to their brand, Microsoft decided that it was time to strike back against the bad guys. Famously, Bill Gates sent out his Trustworthy Computing memo, urging Microsoft to build an operating system who's security was 'as reliable as the electricity that powers our homes and businesses today.' Some of the goals outlined in that memo were achieved right away, while they're still working on others to this day. Regardless of their strides in OS security over the last ten years, Microsoft's security practices have still been blasted by their, ahem, competitors.

Microsoft has tried some interesting tactics to try and keep PCs secure, including offering the BlueHat Prize to reward innovative security ideas

The Future: Technology tends to get more sophisticated with time (even if it gets simpler on the surface), and security threats are no different. The trojans, worms, and viruses of today are a lot more complicated than the trojans, worms, and viruses of 10 years ago, but so are the programs that guard against them. Thanks to a lot of hard work, computers are a lot more secure than they used to be, but the battle is far from won. Over the next 10 years, don’t be surprised to see cyberwar get even more heated, and keep an eye on your mobile devices, too. Security experts have been sending dire warnings of the impending mobile apocalypse for the last few years now, and they might even eventually get it right.