1
00:00:00,580 --> 00:00:06,130
A few years pass and we're now at the turn of the 21st century. This period will be remembered as the

2
00:00:06,130 --> 00:00:07,430
days of the plagues.

3
00:00:10,700 --> 00:00:17,060
One such plague was Code Red, a worm that exploited a vulnerability in Microsoft web servers to deface

4
00:00:17,060 --> 00:00:18,380
affected Web sites.

5
00:00:19,250 --> 00:00:25,870
Notice how the main activity of the Morris worm and the worms we're now discussing was to spread themselves.

6
00:00:25,910 --> 00:00:28,960
This was their basic payload.

7
00:00:29,020 --> 00:00:32,140
They were released to breed and infect more and more machines.

8
00:00:33,330 --> 00:00:40,740
Damaging actions, if there were any (Code Red launched them about every three weeks), resulted in the defacement

9
00:00:40,740 --> 00:00:43,880
of some web pages.

10
00:00:43,920 --> 00:00:46,340
This was simply to manifest their presence.

11
00:00:46,350 --> 00:00:48,170
This is a crucial moment.

12
00:00:48,180 --> 00:00:50,540
This was the goal of the creators of these worms.

13
00:00:54,450 --> 00:00:56,300
Other than Code Red,

14
00:00:56,460 --> 00:01:03,850
this type of worm includes Nimda. Nimda is relevant to our analysis because it's a virus that distributed

15
00:01:03,850 --> 00:01:10,170
itself through a number of propagation techniques: by exploiting software errors, but also by social engineering,

16
00:01:10,170 --> 00:01:11,530
which we'll discuss later.

17
00:01:12,550 --> 00:01:15,380
What were the effects of the outbreak?

18
00:01:15,430 --> 00:01:18,660
Two million infected computers in just three days.

19
00:01:20,360 --> 00:01:25,730
While it would seem like an imposing feat, it was quickly surpassed by Klez, another mass-mailing virus

20
00:01:25,790 --> 00:01:29,870
which was released on the Internet and went around the world in two and a half hours.

21
00:01:32,020 --> 00:01:39,300
The record held by Klez was beaten by the SQL Slammer. The Slammer attacked vulnerabilities in the service

22
00:01:39,300 --> 00:01:44,290
of Microsoft SQL Server, a popular database system.

23
00:01:44,330 --> 00:01:49,600
The worm was so effective partially because it targeted computers through UDP.

24
00:01:49,670 --> 00:01:53,580
It took it about 10 minutes to infect 90 percent of vulnerable servers.

25
00:01:54,520 --> 00:01:58,920
And this time the number of infected hosts doubled every eight and a half seconds.

26
00:02:00,160 --> 00:02:05,920
Even though UDP is a lightweight protocol with a very small header and offers only minimal transport service,

27
00:02:05,920 --> 00:02:09,580
the outbreak has in fact resulted in an Internet outage.

28
00:02:09,580 --> 00:02:16,180
Banks had to shut down cash machine networks and airlines had to cancel flights. Global communication

29
00:02:16,180 --> 00:02:21,550
was impeded or even blocked due to one virus that spread as fast as possible on the infrastructure

30
00:02:21,550 --> 00:02:24,260
of the day.

31
00:02:24,360 --> 00:02:28,560
If the infrastructure had been faster, the results would have been even more staggering.

32
00:02:30,280 --> 00:02:33,840
The past several years have been an era of cyber crime.

33
00:02:33,880 --> 00:02:41,210
This is the key point of interest for us. 2005 is a sort of threshold here, or it's usually considered

34
00:02:41,210 --> 00:02:41,720
as such,

35
00:02:41,720 --> 00:02:47,720
because it's the year in which the Zotob virus spread. Zotob is lesser known than the worms we

36
00:02:47,720 --> 00:02:52,630
discussed before, as it was not widely reported in the press and mass media.

37
00:02:52,700 --> 00:02:57,040
We know now that it was the first virus which was commissioned.

38
00:02:57,100 --> 00:03:04,920
In other words, it was written for money. Commissioning an order is not usually an exercise in charity.

39
00:03:04,980 --> 00:03:09,730
If you pay money for something, you expect your investment to pay off.

40
00:03:09,780 --> 00:03:16,900
The virus was commissioned to steal data from a specific company by installing a Trojan horse.

41
00:03:16,910 --> 00:03:18,030
Where did we start?

42
00:03:19,040 --> 00:03:24,560
We started with a joke, or with an outlet for Robert Morris's creativity, and we ended up with Zotob,

43
00:03:24,710 --> 00:03:29,900
a virus that no one even pretended to masquerade as a harmless program that measures the Internet or

44
00:03:29,900 --> 00:03:31,190
anything of the sort.

45
00:03:32,290 --> 00:03:34,440
This was a worm created to make money.

46
00:03:35,620 --> 00:03:38,140
This marks a very significant shift for us.

47
00:03:39,030 --> 00:03:41,970
What are the consequences of this change?

48
00:03:41,970 --> 00:03:48,840
The first is that media is more reluctant to report on computer systems security. Several years ago, before

49
00:03:48,840 --> 00:03:50,010
2005,

50
00:03:50,100 --> 00:03:57,850
we, the public, were regularly fed with information on new global-scale virus outbreaks. Recently there's

51
00:03:57,860 --> 00:04:02,540
a lot less stories or news on computer security in the media.

52
00:04:02,590 --> 00:04:07,840
Does that mean that we're generally more secure now, or the people stopped trading viruses, or perhaps

53
00:04:07,840 --> 00:04:11,720
systems nowadays have been safeguarded so that viruses can't spread?

54
00:04:13,230 --> 00:04:16,740
No, unfortunately not. Quite the opposite.

55
00:04:17,540 --> 00:04:24,110
Viruses nowadays aren't created for publicity. Coders who create viruses don't seek fame; they try to earn

56
00:04:24,110 --> 00:04:28,680
their bread. Writing viruses is now a job.

57
00:04:28,710 --> 00:04:34,350
This means that recent years, from 2005 onward, are the time when big money entered the world of computer

58
00:04:34,350 --> 00:04:36,390
systems and changed that forever.

59
00:04:38,020 --> 00:04:40,460
This is by no means a revolutionary new era.