It may not sound like a good investment, but a laptop that has been deliberately infected with six notorious strains of malware, including WannaCry and ILoveYou, is being auctioned off – with bids at the time of writing reaching over $1.1m (£800,000). But why?
The laptop's internet access has been disabled to ensure that the viruses can’t be spread or used in any way, and the device will be shipped to the winner. The auction is almost solely an art exhibition and publicity stunt by artist Guo O Dong and a New York cyber-security company called Deep Instinct.
But what are the infamous viruses and what did they do? We are going to have a look into four of them here.
Probably the virus that you are most likely to have heard of, WannaCry was responsible for shutting down hundreds of thousands of computers around the world, demanding that users pay a ransom in order to access their computer again. This particular virus became so infamous because it hit over a third of hospital trusts in the UK as well as 8% of GP practices. Around 1% of all NHS care was disrupted in the week of the attack and over 19,000 appointments had to be cancelled. This cost the NHS £20 million and then a further £72 million in cleanup.
The cyber attack locked over 200,000 users out of their computers and displayed a large red-lettered warning demanding Bitcoin. The attack was eventually pinned on North Korean hackers, following an investigation that took a year.
Despite its sweet-sounding name, the ILoveYou virus was based around “love letters”: a computer worm, originating from the Philippines, that began to take control of computers on 5th May 2000. The email included an attachment with the filename “LOVE-LETTER-FOR-YOU.txt.vbs”, which seemed innocent at the time. If this was opened, a Visual Basic script (which we can now see from the .vbs part of the filename) executed and infected the computer.
This played on the naivety of early computer and email users, fooling people into opening the attachment because Microsoft actually concealed the extension name of the file, which caused many to believe it was a text file. When the file was run, the script sent itself to everyone in that person’s contact list and edited the computer’s registry so that the worm started automatically on every startup. It then continued to copy itself across all files on the computer, basically ruining the inner workings.
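The double-extension disguise described above is something a mail gateway or an attachment triage script can check for. The following Python sketch is an added example, not part of the original post; the extension lists, function names and sample filenames (other than the one quoted above) are constructed for illustration, and it assumes the final extension is the one hidden from the user.

```python
import os

# Constructed, non-exhaustive extension lists for illustration.
RUNS_CODE = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".hta",
             ".exe", ".scr", ".bat", ".cmd", ".com", ".pif"}
LOOKS_HARMLESS = {".txt", ".doc", ".docx", ".pdf", ".jpg", ".png", ".xls"}


def _clean(filename):
    """Drop any path, and the trailing dots/spaces that Windows ignores."""
    base = filename.replace("\\", "/").rsplit("/", 1)[-1]
    return base.strip().rstrip(". ")


def displayed_name(filename):
    """Name as shown when the final, registered extension is hidden."""
    name = _clean(filename)
    stem, ext = os.path.splitext(name)
    return stem.rstrip() if ext.lower() in RUNS_CODE else name


def is_disguised_script(filename):
    """True if the file runs code but its displayed name looks like a document."""
    name = _clean(filename)
    stem, real_ext = os.path.splitext(name)
    if real_ext.lower() not in RUNS_CODE:
        return False
    _, shown_ext = os.path.splitext(stem.rstrip())
    return shown_ext.lower() in LOOKS_HARMLESS


def triage(attachments):
    """Return (filename, displayed_name) for each attachment to quarantine."""
    return [(f, displayed_name(f)) for f in attachments if is_disguised_script(f)]


# Constructed sample attachment names; the first is the one quoted above.
SAMPLE = [
    "LOVE-LETTER-FOR-YOU.txt.vbs",
    "holiday.JPG      .ScR",
    "minutes.txt",
    "backup.tar.gz",
    "setup.exe",
]

if __name__ == "__main__":
    for real, shown in triage(SAMPLE):
        print(f"quarantine {real!r} (user would see {shown!r})")
```

An honest `setup.exe` is not flagged here because its displayed name does not pretend to be a document; blocking executable attachments outright is a separate policy decision.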
The MyDoom or Novarg virus was another worm, one that created backdoors in the operating system of the victim’s computer. The original version of the virus has several variants but mainly two triggers. The first of them made the virus begin a distributed denial of service (DDoS) attack, which started on 1st February 2004. The second trigger then made the virus stop distributing itself on 12th February 2004, but even after the virus had stopped spreading, the backdoor it had created remained open and active, allowing access to the victim’s computer.
The Sobig Worm
Finally, one of the other viruses that has been deliberately put onto the laptop is the Sobig Worm, a computer worm that infected millions of computers connected to the internet through Windows in August 2003.
Sobig.A was first found in January 2003 and Sobig.B was released on 18th May of the same year. Originally known as Palyh and later renamed, Sobig is the second fastest spreading computer worm to have ever entered the computing environment, infecting computers through the internet. Worms, which feature a lot in this blog, are malicious computer programs that replicate themselves and can create backdoors in victims’ computers. This opens victims up to having their data stolen, with the worm passing on this information and replicating itself on other people’s systems.
We aren’t expecting you to go out and purchase the tainted laptop with these four viruses included (and more!), but it is extremely important to remain vigilant with your computers. One of the issues is that because our computers sit on our desks and our laptops in our bags, the first thing we think about in terms of safety is not having the device itself stolen or damaged. This then leads to a somewhat lackadaisical approach to keeping the internal file system of your computer, and the files on it, safe.
Regular backups, changing passwords securely and regularly, and having robust antivirus software are very important because not only can your computer become infected and damaged, but important files about you and your business can be compromised or stolen.