For most of us, computer viruses are a hidden phenomenon. With a little bit of web savvy and up-to-date antivirus software, the risk of downloading an infected program onto your personal computer is minimal. However, this is not always, and has not always been, the case. Throughout the early days of the internet, computer viruses were a much more pressing problem for your average computer user – and in the modern day, governments, businesses and major public institutions must also be wary of ransomware and cyberwarfare attacks.
From industrial sabotage to high-tech vandalism or criminal ransomware that aims to extort a profit from the organisations it infects, these are two of the highest profile viruses ever programmed – both of which had huge financial and practical consequences for the unlucky networks that were subject to their attacks.
Probably the most famous of cyberwarfare programmes, the Stuxnet virus targets PLCs – not Private Limited Companies, but Programmable Logic Controllers. Essentially, PLCs control the function of industrial machines. In this case, the virus specifically targeted a PLC made by Siemens and used by many industrial facilities around the globe.
However, Stuxnet had a specific target in mind – the Iranian nuclear programme. Released in 2010, reportedly via an infected flash drive so that it could get into private networked machines, Stuxnet caused the spinning centrifuges in uranium enrichment facilities to break themselves by spinning too fast. It’s estimated that over 200,000 computers were compromised and nearly 1000 physical machines were wrecked. No-one has ever taken responsibility for the attack, although many believe it was the joint work of a US and Israeli team.
One of the most well-publicised viruses of recent years, WannaCry is an example of ransomware – software that locks the user out of their computer and encrypts all their files so they can’t be used until a ransom is paid, usually in the form of the cryptocurrency Bitcoin. WannaCry infected over 230,000 computers within just one day of its release in May 2017.
Among many commercial and state targets, the most affected was the UK’s National Health Service. Nearly 70,000 devices were infected, including MRI machines and operating equipment as well as administrative computers. Operations were cancelled and whole hospital departments closed. Luckily, within just one day a backdoor ‘kill switch’ was discovered in the virus’s code, somewhat accidentally, by a computer researcher from Devon in Southwest UK.
Another interesting aspect to this case is that the Windows exploit (coding flaw) that allowed the virus to spread was discovered several years previously by the US National Security Agency. However, instead of informing Microsoft, they tried to develop it as a cyberwarfare tool – until their own source code was hacked and released to the highest bidders by a hacker collective known as The Shadow Brokers.
As for the perpetrators of the attack? Well, no-one has ever been officially caught or put on trial. However, experts in the US, UK and Australia all point the finger squarely at North Korean-sponsored hacking teams, with one individual, Park Jin-hyok, named in an arrest warrant issued by the Department of Justice in 2018.