The Worst Computer Viruses in History

By Louisa Rochford

Viruses have always existed. We get infected, we get sick, and our bodies work in overdrive to allow us to heal and get better, with assistance in the form of better diets, medication and other remedies and solutions. Computers and other devices can also get sick with dreaded and powerful viruses—though this phenomenon wasn’t always around.

The first computer virus was written in 1971. Called the Creeper System and made by Bob Thomas at BBN Technologies, it was an experimental self-replicating virus that would multiply to the point of clogging the hard drive until it became completely unusable. At the time, this was only called a program – the term ‘virus’ was introduced a year later in 1972 in a science fiction novel called When HARLIE Was One by David Gerrold.

Then, in 1981, the first large-scale outbreak of a computer virus in history occurred. Named the Elk Cloner and written for Apple II systems by high school student Richard Skrenta, the program was originally written as a prank. Its design, as well as the public’s misunderstanding and ignorance of malware, allowed the virus to spread successfully – quite an achievement for the 15-year-old creator.

Since then, however, these programs and viruses have become stronger, sneakier and more malicious. Three cities have succumbed to ransomware attacks recently, including Lake City, Florida, which lost a total of $500,000 (£394,000) to the hackers. This follows from another attack in Riviera Beach, where $600,000 was lost, bringing the total amount to $1.1m from Florida municipalities in a short span of time. Viruses can strike computers anywhere, including ones owned by businesses and organisations, and have a devastating impact wherever they infect.

Looking back, here are some of the biggest and baddest computer viruses in history so far:

ILOVEYOU – From May 5^th 2000 onwards, this computer worm spread itself via email with the subject line ‘ILOVEYOU’ and an attachment called ‘LOVE-LETTER-FOR-YOU.txt.vbs’. This virus spread quickly and easily as it would use a user’s mailing list to send the email on to friends and acquaintances, who would deem it and the attachment safe to open given the familiarity of its sender. Once someone’s computer was infected, it would begin to damage it and overwrite their files, often hiding them. Tens of millions of Windows PCs were affected. This virus outbreak made very clear the importance of being cautious when opening attachments in emails, even if they’re from someone you know.

Melissa – Before ILOVEYOU, there was Melissa. This one was created on March 26^th 1999 and, like ILOVEYOU, would use mass-mailing to send an infected attachment via email. Once opened, this virus would disable various safeguards in Word 97 or Word 2000 and then send itself to the first 50 addresses on the victim’s email list. Melissa was made by David L. Smith from New Jersey, and in December of 1999, David was sentenced to 10 years in prison and fined $5,000 for creating and spreading it.

WannaCry – Now for something different, and far more recent. WannaCry, which began its life in May 2017, was especially dangerous as it would encrypt the victim’s data and demand ransom payments in the form of Bitcoin, and affected 200,000 computers across 150 countries. Thankfully, this virus was put to a stop quickly after Microsoft released emergency patches to its systems and a kill switch was discovered to prevent it from spreading any further. However, the impact was huge for this particular virus – the hacking attack cost the NHS £92 million as it infected 70,000 of its devices, including MRI scanners, computers and theatre equipment. The NHS was criticised at the time for using outdated and vulnerable IT systems, as Windows XP was 17 years old at the time. Nissan Motor Manufacturing UK was also attacked, and in 2018, an email from the alleged creators threatened those who received it to destroy their data unless 0.1 BTC was paid to the hackers’ Bitcoin address. A terrible form of ransomware, this virus really made you Wanna Cry, and consider updating your system.

CryptoLocker – Another ransomware example, CryptoLocker lasted from September 5^th 2013 until May 2014 and also spread itself as a trojan virus via email attachment. While similar in its execution, what made CryptoLocker unique and devastating was that once files were encypted after its infection, it was near impossible to have the files decrypted, leading to permanently lost data and files. Those who paid the ransom reported that often, their files remained encrypted. The success of CryptoLocker led to clones under a similar name, such as CryptoWall, Crypt0L0cker, and TorrentLocker. Since its release, ransomware attacks have become more rampant and lethal.

Conficker – This worm, which also went by the name of Downup, Downadup and Kido, was discovered in November 2008 and was particularly difficult to remove. It used a combination of advanced malware techniques and spread in the form of 5 variants, discovered at intervals between November 21^st 2008 – April 7^th 2009. The virus would disable numerous of Microsoft Windows’ services, including as Automatic Updates, Windows Defender and Windows Error Reporting, as well as making antivirus websites inaccessible and often locking users out of their accounts. Conficker infected millions of computers across 190 countries, making it one of the largest virus infections in history.

Mydoom – Beginning on January 26^th 2004, Mydoom became the quickest-spreading email worm ever, surpassing ILOVEYOU and has since never been topped. At one point in time, Mydoom was so contagious that one in every 12 email messages carried the virus. Many victims were using search engines to find information or a solution, to the point that the search engine services were slowed down and even crashed as millions scrambled to remove the program. Mydoom functioned as a backdoor trojan, allowing the hacker behind it to access infected systems and introduce other malicious software.

Shamoon – Discovered in 2012, Shamoon became known, years later, as the ‘biggest hack in history’. The malware particularly targeted the oil and energy sector, and struck over 30,000 computers in Saudi Arabia. Essentially, Shamoon would completely destroy the infected device, however it worked in various stages: Once infected, the virus compiles a list of files on the victim’s computer; the information is sent to the hacker; some or all of the affected files are erased by a function called ‘wiper’; finally, the virus overwrites the master boot record, meaning the computer can no longer be rebooted and is therefore unusable. Shamoon hit the Saudi Government and began when a Saudi Aramco employee opened an infected email which granted the virus access to their computer network.

New viruses are being created and discovered all the time, so it’s as important as ever to have a robust cybersecurity system in place, be cautious and careful, and keep our devices up to date. If these examples are anything to go by, viruses are both creative and infectious, and will only continue to get more powerful as time goes on.