The very first computer virus was discovered in 1986, it was named as “brain”. Sounds weird right!. Since then many refined computer viruses were discovered which at that time were considered as the most threatening intrusions. The vogue of computer intrusion continued. Later on, On May 4, 2000, many users of Windows computers began receiving an email with a malicious attachment. After further investigation, a new computer virus named “ILOVEYOU” was found, within ten days the virus replicated and expanded itself to around fifty million node computers.
Insights of ILOVEYOU virus:
According to the reports, it has been estimated that as many as 10% of the internet-connected computers in the world ultimately caught the ILOVEYOU virus. As a result, it caused a massive impact on the economy. The eventual cost of removing the infection and recovering deleted files from backups was as high as $10 billion. This catastrophic event had resulted to close down email systems of major firms like the Pentagon, the CIA, and the U.K. including some parliaments across the globe.
Eventually, ILOVEYOU overshadowed the news headlines globally at the time. The propagation of the virus was escalated because victims were largely unconcerned to the threat it posed initially. Also, the devastating impact of the virus would have been significantly reduced if expert warnings from years before had been seen.
Substitute COVID-19 for ILOVEYOU and those words could so easily apply today.
How ILOVEYOU became the first global computer virus pandemic?
The man-made “ILOVEYOU” virus somehow correlates itself to the present scenario of COVID-19. ILOVEYOU, also considered as the Love Bug at that time, more specifically was known as a worm virus, that replicated itself to spread across other computer systems. The virus moreover relied on the scripting engine system setting, which runs scripting language files such as .vbs files. It acquires a host file to be activated for the infection to take hold, and further copies of that host then need to be activated on every computer that gets infected thereafter. On the other hand, a worm is a self-replicating destructive program that could potentially transmit itself by scattering repetitious copies of itself across a chain system without any further human intervention. The first case of the ILOVEYOU virus was reported on May 4, 2000. The virus propagated itself as a spammed email message with a subject line of ILOVEYOU and an additional direction to read the attached document, seemingly a love letter, from the sender. So tricky, isn’t it? Since then ILOVEYOU evolved as one of the first major computer virus pandemics, it also illustrated how spam can be far more than just a time-wasting nuisance. Opening that love letter executed a Visual Basic script, the attachment wasn’t a document at all and used a smart trick at the time to hide this fact from the victim. The Visual Basic script file extension of .vbs was hidden by default from view on Windows machines, so a file called, as in this case, “LOVE-LETTER-FOR-YOU.txt.vbs” appeared for all intents and purposes to be a text document as the last file extension wasn’t displayed.
Thus, opening the document executed the script and the ILOVEYOU worm was triggered on that system. The virus was so mischievous that overwriting a random set of files from documents to photographs, ILOVEYOU would escalate Microsoft Outlook which opened the Windows address book and send a copy of itself to all the contacts listed.
Some alert messages sent by “ILOVEYOU”:
DAMAGE CONTROL!
The attack had begun in the Philippines. Sky Internet Inc, an Internet service provider that inadvertently hosted some of the “ILOVEYOU” worm code.
Cybersecurity agency Greg Day, CSO (EMEA) at Palo Alto Networks, says that ILOVEYOU caused a fundamental shift in the cyber-threat landscape for several reasons. “ILOVEYOU leveraged emotions in a whole new way as part of a cyber-attack,” Day told, “both via our want to be loved and also by tricking people into a false sense of trust, as the likelihood was that the ILOVEYOU email was from someone you knew when victims’ contacts lists were being stolen to spread the virus.”
He later explained the need for user education on how social engineering tricks users into doing attackers’ bidding. Adding to this Ian Thornton-Trump, CISO at security intelligence specialists Cyjax says
“The simple adjustment to drop an email with a .vbs attachment is still optional on a lot of systems.”
At that time Philippines didn’t have cyber laws and ethics which eventually resulted in, the author of the ILOVEYOU worm, Onel de Guzman, never being prosecuted. Also in an interview with the BBC, he told that he regretted writing the virus as well as the infamy it brought upon him.