Tribal Lines Are B
Trapped
Total Dysfunction
Too Close For Comf
Tonight, We Make O
To Quit or Not to
To Betray, or Not
Tiny Little Shanks
Time to Bring Abou
Ticking Time Bomb

Trust Your Gut
Truth Kamikaze
Tubby Lunchbox
Turf Wars
Two Brains Are Bet
Two for the Price
Two Tribes, One Ca
United We Stand, D
Vibe of the Tribe
Villains Have More
<<      >>
Trojan Horse', 'Firesweep', 'Rabbit' and 'Trapdoor' – are still believed to be in use by the Chinese and Russians. The 'Black Widow' trojan was an example of 'active' malware that caused its host to forward malicious payloads to others, without the user's knowledge. Trojans were sometimes referred to as 'bombs without fuses'. The first piece of research on malicious software was published in the form of a book, _The Computer and the Mind_ , in 1984. Its author, Marvin Minsky, described the spread of malicious software as 'an epidemic', and suggested that if a security system was installed that could detect malware and prevent its propagation, a 'pandemic' would be prevented. In 1988, however, Robert Tappan Morris at Cornell University found a software bug that, with an apparently accidental stroke of genius, would turn Morris into 'God', allowing him to perform 'God-like' functions (which are those of a malicious invader) within a computer system. This was by far the most complex and sophisticated software ever discovered. At this time, it was believed that Morris's discovery represented a new phenomenon, distinct from the more limited capabilities of earlier malicious software. But later research showed that Morris's code was, in fact, simply a much more complex and powerful reimplementation of older code. Nevertheless, it came to symbolise the growing sophistication of cybercrime and the growing confidence of its creators. In 1998, two researchers published a paper, 'Security implications of wireless computing', suggesting that computer viruses could be transmitted via the wireless Internet. The theory of network-aware viruses was developed in 1992 by two computer science researchers, John McQuaid and Michael Rabin. It suggested that malicious programs could be tailored to attack only a specific type of network. The network-aware viruses were designed to attack a specific kind of network such as a corporate intranet, rather than relying on users installing a Trojan horse on their own computers. Network-aware viruses were much harder to detect because they had built-in functions to prevent themselves being detected, as they attacked only those targets that were known to be vulnerable. But the greatest development in the history of computer viruses took place on a single computer system: ElcomSoft's PC-Write software, which was developed in 1992. PC-Write was one of the first applications designed specifically to write and run software viruses. Although this version of PC-Write was marketed as a general tool, it was used primarily by viruses writers. PC-Write used a special type of programming language called assembly language that allowed for very rapid and very precise control over computer programs. A few years later, PC-Write was purchased by Alain Labourier and was adapted to create different versions that were used for both creating and detecting malicious software. In this regard, it represented a break with the previous model of 'malware' which was largely generated by amateurs. It changed the nature of malware. This new approach to cybercrime was enabled by two developments. The first of these was the internet, a globally-connected network that allowed malware to be transferred in an extremely efficient and rapid fashion around the world. The second was the introduction of strong encryption that gave cybercriminals greater control over the 'code' that they used. It became possible to create malware that attacked users' computers when they visited websites and downloaded files and, most importantly, to do so while maintaining total anonymity. This would remain the predominant model for the next twenty years. By 1996, an estimated 20,000 new viruses appeared each month and an estimated 5,000 of these had spread by the year 2000. By this time, many viruses were capable of reprogramming a computer's operating system, creating 'back doors' in order to allow additional viruses to enter the system. The introduction of Java, a programming language, would create a new class of malware. This software program, however, had the ability to execute additional 'plug-ins' which could carry additional viruses that could infect and infect and infect. In September of 2000, the authors of viruses 'W32.Skoll.F' and 'W32.Ghost.F', published a paper called 'Dreaming with DOS – Building a Better Bot'. They described a method of creating viruses that were small enough to reside inside the executable 'headers' of other programs. This effectively created a Trojan Horse with a 'back door' to its own source code that could reprogram other programs, making it a form of 'wraith' – a kind of program that was itself a virus. But by far the most successful form of malware in the early part of the 21st century was 'spyware'. Spyware, or 'snoopware' was developed in 2001. At the same time, there was a significant increase in the number of web browsers, which meant that virus-writers could develop a program that would spread through a range of computer systems, without users necessarily needing to download it. It enabled viruses to spread far more rapidly, and quickly adapted to the latest operating systems. **2** The rise of spyware In March of 2002, a group of academics at Massachusetts Institute of Technology (MIT) announced that they had uncovered a new type of software, called 'Trojan.Eater.E'. This new programme was developed using assembly code, which allowed it to execute additional software code. It could then be used to attack and infect the system on which it had been written. It was named 'Trojan.Eater' because it was designed to eat all the other programs on a target computer in order to destroy its 'host computer'. Another version, 'Trojan.TidePods', was developed by cybercriminals and used in an attack on the website 'www.tides.com'. Trojan.TidePods 'opened a back door in Microsoft's Internet Information Server (IIS)' and used that to attack other programs that ran on the server. A paper published in January of 2006 described the rise of spyware. Called 'The Invisible Computer', it was written by Bill Schrier and Richard Stiennon, both professors at the University of Illinois in the United States. It described spyware as a form of software that was developed in order to track and monitor the activity of users on a computer system. These 'anti-porn' programs were able to monitor internet activity, social networking sites and also secretly recorded conversations in order to record evidence in case of a future trial. **3** The rise of the botnet A survey conducted by Gartner, a technology consulting firm, estimated that there were 18 billion internet-connected devices by 2011. This provided a much greater audience for cybercriminals, and in the early part of the 21st century a new form of malware was developed that allowed criminals to spread a malicious payload much more quickly and effectively than previously. The rise of 'botnets' created the possibility of a vast new market, creating the ability to attack systems using huge numbers of compromised systems. For example, 'Dorkbot' was a botnet that had been designed to exploit vulnerabilities in Microsoft's Windows operating system, designed to distribute thousands of computer viruses. It was launched on 22 July 2005 and had reached 65,000 compromised computers, each of which carried copies of the viruses. A team of researchers at the University of California at Berkeley created the botnet for the purpose of testing the potential of viruses and was discovered when its operation had exceeded the original test's limitations. It was discovered that the computers in the botnet were actually being used for 'distributed denial of service attacks' against 'honeypots' – computer systems that have been set up to be attacked by malicious software. One of the problems with this new 'cybernetic' era was the possibility of viruses or malware that would be designed to spread through computer systems, but would remain undetected. This became a problem for law enforcement agencies that sought to determine if a cybercrime had taken place, even though no crimes had been committed. In order to do this, it became necessary for computer systems to be regularly checked to determine whether they were infected by computer viruses. One of the first firms to develop a service to address this issue was Phishtank.com, which was set up in 2003. As part of its service, Phishtank worked with companies that sold computers to check their equipment for evidence of malicious software. It used its service to help in the investigation of a series of murders, as part of its service it created a 'cloud network', which looked at the contents of every computer system that passed through its facility. The firm was able to find out the identity of one of the killers by determining which computer had the email address which contained the initial email communication, from the murderer to the victim. As there was no forensic examination, Phishtank's identification of the killer was accepted by police. Phishtank was followed by a service called Spamtrap that, in April 2006, sought to protect computer systems that had been compromised by viruses. The computer system owners were charged a fee to have access to Phishtank's services. The development of Spamtrap was followed by Cloudmark, which was set up by Microsoft and launched in 2006. **4** The advent of cloud computing When someone wants to access the internet, that individual is connected to the internet via a 'gateway' – a network connection with a router and access point. This is where the computer is 'logged onto' the internet and allows its owner to send and receive data