on 19 January 1986 was discovered the first virus for the PC. It was called Brain, was installed silently in the hard drives and slow computers. Users had to pay to their creators if they wanted the virus removed from your system. Righard Zwienenberg (1967, The Hague) dates back to this time to explain the source of the virus. He began to study the behavior of the same two years after the detection of Brain. Have already spent more than three decades since then. Is now a senior researcher of the company of computer security Eset and is part of a group that advises the European Cybercrime Centre (EC3) of Europol, the European Police Office.
Brain was not developed with the aim of attacking other users. Its creators are two brothers pakistani called Basit and Amjad Farooq Alvi who had a computer shop. They discovered that customers were circulating an illegal copy of a software written by them and developed Brain in order to avoid it. “Since then, the number of malware [malicious software] that has not stopped growing. Is greater than ever. In our laboratory we receive between 300,000 and 400,000 every day. Years ago, there were many less,” he says. Affect “most users”. But also to Governments and businesses.
Some of them have had a impact in point. The researcher gets as an example Michelangelo virus, discovered in 1991, which each year remained asleep until the 6th of march —the date that gave birth to the renaissance artist michelangelo. To put in operation a computer infected with the virus that day, sobrescribían all data on the hard disk with random characters, making recovery of the information was virtually impossible. Also the virus Nimda, that was detected in 2001 and spread massively in just a few minutes, or the computer worm Stuxnet, which in 2010 took control of 1,000 machines involved in the production of nuclear materials and gave them instructions to self-destruct.
Zwienenberg explains that currently the ransomware is one of the cyber threats more common. It is a type of malware that prevents users to access your system or your personal files and demands payment of a ransom to be able to use them again. The rise of this type of attack must be to that to this day are still functioning, according to the expert: “people continue to pay even in campaigns of ransomware that are dead and don’t have anyone active behind”. “In the old days to break in your house, you had to be physically there. Now I can sit behind my computer and break directly into your computer to get all your information,” he says.
But to pay in these cases “is never a good solution”. Neither for the users nor for the companies. To companies, this type of attacks may bring you multiple headaches: “If it is filtered according to what information could be fined or see damaged his reputation.” Also, pay does not guarantee that the problem is solved. In some cases, “the ransomware has been programmed very badly, so that the algorithm of decryption is not working.” And the attackers could repeat another attack in the future. The police of the Netherlands, Europol, Kaspersky Lab and McAfee have a program to help victims of the ransomware retrieve their encrypted data without having to pay the criminals. Among other things, allow users to download password-crackers free.
In search of money and information
The behavior of the attackers has also changed. At the beginning, the people who created a virus, “I wanted to be seen”. Zwienenberg explains that they intended that the other user was unaware that he was infected and creating to animations-screen: “For example, a kind of cascade in that the characters were falling”. “Now what interests them is to get information and earn money. But, except in the ransomware, try to stay invisible to be able to stay as long as possible by gathering information that way,” he says.
This, says the researcher, can be particularly dangerous when the victim of the attack is a Government and the content to which the attacker has access is military information. “Imagine that your Government has information about something that if it becomes public, can cause disturbance or panic,” he says. What are european Governments prepared now to deal with this kind of attacks? Zwienenberg doesn’t get wet. Limited to answer that “in Europe, they are better prepared and aware that in other parts of the world because there are many companies in cyber security”.
Yes it recognizes that users are not sufficiently aware of: “people do click on links that come to you. First happened with the emails, and we found that they did not do so. You are now connected to Facebook and social networks, and, when someone that you think you know them, send a link, also stuck without knowing what you are going to end.” In this way, the malware sometimes it becomes viral”. The solution to protect passes for education: “young children should have education to know to spot these threats and be aware of. In Uk is already being done and other countries are preparing similar programs. In the future there will be less cyber-threats, but that the situation will get worse”.
The devices connected to the Internet, in the spotlight
The attacks not only affect computers. Cybercriminals exploit the vulnerabilities of any Internet-connected device: from cameras to televisions, or even medical equipment.”I like to call the Internet of Things [IoT, for its acronym in English], Internet of Trust [internet trust] because you have to rely on all of your devices,” says Zwienenberg.
But according to account, in many occasions people are not aware neither of the number of connected devices in your home. He has it full. Apart of computer, laptops, phones, and tablets, have light bulbs smart, thermostat, television, cameras, alarm systems, speakers, smart… “And those are the ones that I know, because I have a son of 14 years in the house,” he jokes. To try to ensure their privacy and protect themselves, said to take precautions. “For example, speakers smart are disabled by default, so whenever you want to ask something, I turn on the microphone. In addition, I have multiple networks. All of my connected devices are on a different network to the network that I connect to work at home or in the private network of my home.”
