One person predicted the coming of computer viruses. He also invented them.
On November 3, 1983, a graduate student named Fred Cohen was sitting in a computer security course at USC taught by Turing-award winning Professor Len Adelman. Daydreaming, Cohen conceived of a trojan horse that would be inserted into a host computer and then replicate into the other programs that resided there. A week later, on November 10, 1983, he demonstrated the first piece of malware to be called a computer virus.
In his paper “Computer Viruses—Theory and Experiments,” published in 1984, Cohen defined a computer virus as “a program that can ‘infect’ other programs by modifying them to include a possibly evolved copy of itself.”
Cohen concluded that computer viruses posed a severe threat. A computer infected with a virus was bad enough, but what if computer viruses could spread from computer to computer, like viruses spread from person to person. Indeed, Cohen warned that “[i]t appears that they can spread through computer networks in the same way as they spread through computers, and thus present a widespread and fairly immediate threat to many current systems.”
In 1986, Cohen completed his PHD dissertation at Lehigh University and was told that a computer virus could never work in a real computer system.
The Generation of Viruses
As events unfolded, later in 1986 the BRAIN virus began to infect IBM PCs. Written by two brothers in Pakistan, Amjad and Basit Alvi, the code was intended to stop the piracy of their medical diagnostic software. Amjad Alvi described BRAIN’s activities as checking the significant bit of the MS-DOS BIOS and if it was clear, BRAIN didn’t infect the disk. The sole purpose for BRAIN, he insisted, was to track and stop illegal copies of the disk.
In 1987, computer viruses became epidemic. The Jerusalem virus, the Byte Bandit, and the Christmas Tree virus, among others, were all released in 1988 and each created its own brand of havoc. Networks were overloaded or disrupted and individual PC files were corrupted or destroyed.
An IBM research paper reports that by August 1989, there were about 30 detected computer viruses. The paper then describes the events of December 1989:
“The Dark Avenger.1800 virus was reportedly written in Sophia, Bulgaria by an individual calling himself Dark Avenger. It well represented the coming escalation in the virus vs. anti-virus war. This virus introduced two worrisome features. First, it was designed to do slow, insidious damage to the system rather than sudden, obvious damage. It would randomly write garbage to sectors of the drive. So damage would tend to go unnoticed. In turn, damaged files would be backed up. Second, it was a fast-infector. Resident viruses before this would infect programs as they were run. Dark Avenger also infected programs if they were opened. Therefore, if the virus was in memory and you ran an anti-virus scanner (that wasn’t aware of the virus) on the system, the virus would piggyback on the scanner and infect every program the scanner looked at.”
Throughout the 1990’s Dark Avenger led to the Michelangelo Virus, a variety of macro viruses, Melissa, and then the Love Bug viruses. Each virus was met, neutralized—and quickly replaced by another.
Today, it’s estimated that over 10 percent of the world’s PCs are infected with malware of one type or another.
A Prophet without Honor
As for Fred Cohen, by 1992, he became disillusioned. He recounts that despite his attempts to call attention to the potential for the spread of the computer virus by way of networks and in response to his requests for grants and research assistance, he never received so much as a dollar in aid nor even an encouraging word from any governmental source. He insists that he was blackballed.
Cohen believes that there are three alternative futures with regard to computer viruses. Either things will just keep going as they are, or viruses will take over everything, or viruses will become extinct. The man who coined the term believes that the threats are evolving and the our defenses had better evolve, too.
It began 28 years ago—and that’s when it happened.
A Reader Writes
Bob Wonderly comments on last month’s history article:
But the mechanical comptometers were implemented differently than the mechanical adding machines in a couple important ways (other than not printing): they did the addition and the carries as soon as a key was pressed, there was no need to pull a lever as was the case with adding machines. And they did subtraction by a nines-complement and add approach so each key had two numbers imprinted on it, a big number for the more common add and a little number for the nines complement.
In the adding machines (remember I am talking about the mechanical ones) the digits were all set up and the addition with all the necessary carries took place when the lever was pulled.
You’re right that the adding machine became more popular but a skilled operator could go faster with a comptometer.
The early Remington Rand Univac (a precursor to Sperry) Scientific digital computers (1101, 1102, 1103—the commercial version) had a subtracting accumulator and did additions by complement and subtract. I presume the point was to make the logical circuitry for the accumulator simpler since it was implemented with vacuum tubes.
Enjoyed your article. I grew up around mechanical office machines since my father’s career was repairing them. My first programming job was programming the 1103 in the summer of 1955. At first we coded the raw octal number commands—both ops codes and address (operand addresses and instruction addresses). But it wasn't long before someone figured out that that approach was too intense, especially when bug fixing required inserting instructions between other instructions and thereby totally messing up your carefully worked out instruction addresses. Thus the beginning of a precursor to assembly language.
Dan Wohlbruck has over 30 years of experience with computers, with over 25 years of business and project management experience in the life and health insurance industry. He has written articles for a variety of trade magazines and websites. He is currently hard at work on a book on the history of data processing.