With the advent of the 21st century came more seemingly efficient means of transmitting software and data between users than the soon to be obsolete magnetic tapes and floppy disks. The introduction of reliable and speedy broadband networks were certainly a boon to users but also offered a new route for the malicious to introduce viruses and to do it more quickly and impacting a wider audience. New generations of viruses, worms, and Trojans emerged, known collectively as malware.

One of the most serious of the new generation of viruses was the LoveLetter which appeared on May 4, 2000. It came in the form of an email but with a VBS file attachment rather than a Word document. In those more innocent days people were less wary of unsolicited emails and once the VBS file was opened, Onel de Guzman’s worm would overwrite existing files and replace them with copies of itself, which were then used to spread the worm to all the victim’s email contacts. As each of these received an email from someone they knew, they were more likely to open the file and set the process off again.

A different form of worm was used for the Code Red, a file-less worm which existed only in the machine’s memory and made no attempt to infect or corrupt data files. Exploiting a flaw in the Microsoft Internet Information Server, the worm manipulated the protocols that allow computers to communicate, wreaking havoc and spreading globally very quickly. It was used to launch a distributed denial of service attack on the White House’s website in the US.

The emergence of Heartbleed in 2014 put servers across the internet at risk by exploiting a vulnerability in OpenSSL, a cryptographic library used by companies worldwide. Periodically, OpenSSL sent out “heartbeats” to ensure that the designated secure endpoints were still connected. Users could send OpenSSL a certain amount of data and request the same amount of data back. If they claimed to be sending the maximum allowed, 64 kilobytes of data, but only sent one byte, OpenSSL would still send the last 64 kilobytes of data in RAM. This often meant that user names, passwords and other sensitive data were compromised.

And the future? What is certain is that malware will get increasingly more sophisticated, difficult to detect and eradicate. Security software is always likely to be a step or two behind the more ingenious and law enforcement agencies several light years away, especially given the global reach of cybercrime and the territorially limited jurisdictions. Perhaps the only advice is to exercise extreme vigilance and if it comes out of the blue, it is probably not for you.

Stay safe.