Fifty. Billion. Dollars. It’s a huge number, but as you’ll see
in today’s video, that was the cost of the damage caused by just one computer virus. Even if you don’t have billions of dollars
to lose, you still have to keep yourself protected when you’re browsing online. And that’s why we’re so happy that today’s
video was sponsored by Private Internet Access, the leading no-log VPN service with over 30
million downloads. Not only does Private Internet Access’s
VPN keep you safe by hiding your IP address and protecting your private information, it
also helps you browse the internet in the way it was meant to be experienced, free of
geo-restrictions or other location based blocks. I use a VPN literally every day, both to keep
my information from being exposed to bad actors, the very same kind who might try to infect
my machine with a devastating virus, but also to watch video from sources that are blocked
in my country. Private Internet Access’s VPN has access
to nearly 20,000 servers in 70 countries, works on virtually any device regardless of
platform, a kill switch that disconnects you from the internet if your VPN connection drops
to ensure that your real IP isn’t leaked, and best of all, no logging… Ever! So what are you waiting for? Give it a try today with the link in the description
and get 2 years plus 3 extra months free for just $2.59 per month! 26th January, 2004. It's 8 am eastern time and the sun is rising
over the east coast of the United States. Tens of millions of commuters make their daily
drive to offices from New York to Florida, sitting down to open their emails and get
the world of American business started for the day. Each person's inbox is unique, but a few thousand
workers can't help but spot a unique email amongst the typical spam, office gossip, or
family member saying hello. The email's message varies- for some it's
a failed delivery notification, for others it's a simple “hey!” or “Click me baby,
one more time”, a funny throwback to Brittney Spear's 1998 megahit pop song. Wary of unknown email addresses, most people
don't open the email and assume it's spam. However, a few handful of people do open the
email. Out of them, several actually click the attached
link. That's all it'll take to unleash the most
expensive computer virus in history. The virus immediately scans the address book
of the few fools who actually opened the included attachment, installing itself on their machines. Then, over the course of a few seconds, the
virus emails itself to every single contact in the user's address book. This generates a new wave of infected emails-
only this time coming from email addresses familiar, and safe, to hundreds of people. Those hundreds open their infected emails
from a trusted source, immediately infecting their own computers. Once more, the virus scans their address books
and emails itself to every contact on it. Within the span of an hour, a single infected
user has successfully spread the infection to thousands of other users, the virus growing
its web across the American east coast and far beyond. By 9pm eastern, the virus, which originated
from Russia, has begun to reach computers across the world. By noon, the tech world has woken up to the
monster that is MyDoom. Security companies around the world race to
identify the virus and work on a fix to the infection. By lunchtime in America, the virus has spread
globally, with one in ten emails being sent containing the virus. Its reach is so pervasive that global internet
speeds actually slow down by ten percent, and loading times on the average web page
increase by a whopping fifty percent. IT experts are already working to reverse
engineer the virus' code and come up with a fix. They allow the virus to infect an isolated
network so they can monitor how the virus behaves- and more importantly, what the ultimate
goal is. Perhaps it's just a harmless prank... with
the staggering rate of infection computer security companies around the world certainly
hope so, but their hopes are quickly dashed. The virus is preparing for stage one of an
unknown nefarious purpose, with the infected computers being roped in to create what may
be the largest botnet of infected computers in internet history. But who is creating a massive global network
of slave computers, and once they have it, to what end will they turn the personal computers
of hundreds of thousands of users to? By the afternoon the virus has hit prime time
and newscasters around the world are warning users to update their virus protection. However, it's already too late for most people,
or even worse- suspicious users refuse to allow their anti-virus protections to automatically
download critical updates, fearing a fresh infection. MyDoom continues to spread almost completely
unchecked. By the next day the FBI and Secret Service
begin to investigate the origins of the worm, and a $250,000 reward is offered for information
leading to the arrest of the worm's creator. As users have become more aware, the spread
of MyDoom has slowed slightly, it now is only in one in twelve of all emails being sent
globally, still causing massive slowdowns of the internet. Even worse, a second version of the worm,
MyDoom.B begins to spread. Two days after the spread of MyDoom, MyDoom.B
has now been officially discovered. This new version of the virus is even more
malicious than the last, actually preventing users from updating their antivirus software
and thus keeping their computers vulnerable to infection. While global security agencies have now identified
Russia as the source of the attack, the massive global botnet is turned against Microsoft
and internet security company SCO Group in a Distributed Denial of Service attack meant
to bring the two company's networks to a screeching halt. However, the attack appears to be faulty,
and it's quickly realized that the real purpose of MyDoom is to grant whoever unleashed it
backdoor access to Microsoft and SCO Group's computers. Despite initially slowing down, MyDoom spread
has now skyrocketed, with half of all email traffic in the world containing the virus. The virus now works to actively block users
from the websites of over 60 internet security companies, leaving users unable to download
critical security updates and fixes. MyDoom.B is working to ensure that infected
users remain that way, and is being shockingly successful at it. Also targeted are online marketing companies,
including many prominent American ones. In what may be the least annoying side-effect
for infected users, MyDoom has prevented pop-up ads from DoubleClick and other advertisement
companies from appearing. The financial impact however very quickly
climbs into the tens of millions, both from lost revenue and the very quickly rising costs
of technical support for users around the world. By the end of January, bugs in MyDoom.B's
code are actually working against it, dramatically slowing down the rate of infection. However, it has already embedded itself in
computers around the world, slowing down web traffic. Microsoft now matches the previous quarter
million dollar reward for information leading to the arrest of MyDoom's creator, raising
the bounty to half a million dollars. On the 1st of February, MyDoom really comes
to life in a massive denial of service attack against the SCO Group, causing the company
to move its website from www.sco.com to www.thescogroup.com in order to stay ahead of the attack, but
most users are unable to reach the group's website. This has now become the largest electronic
attack in history, as over one million computers are unleashed in a massive botnet built by
MyDoom. While over 13% of all American computers are
infected, in Russia- the virus' country of origin- this figure is much lower due to better
security measures taken by users. Two days later MyDoom is unleashed against
Microsoft, but the company has been very well prepared for this attack. Microsoft has already created an alternate
website for users to access via information.microsoft.com, which the worm fails to target. The company has also been taking proactive
measures in anticipation of the electronic assault to come, and its IT experts are very
well prepared for the attack. In fact, Microsoft is so well prepared, that
the effect of the attack against the company is less than the burden of normal day-to-day
software updates distributed by the company. The unstoppable computer virus has at last
met its match, and been roundly defeated. That does not mean the nightmare is over however. Despite it being known that MyDoom.B was attempting
to create a backdoor into infected computers, many users remain unaware and on February
9th, Doomjuice is unleashed. This worm spreads only to infected computers,
using the backdoor created by MyDoom.B to gain access. A new DdoS attack against Microsoft is launched. Though the identity of the virus creators
remains unknown, Russian security firm Kaspersky Labs confirms that the virus is Russian in
origin and works with authorities to track down the perpetrators. While the world remains focused on the DdoS
attacks, Kaspersky Labs warns that the true purpose of the virus may be to create massive
email relays that can be sold to the spam industry for incredible profit. The attack is so sophisticated and well-coordinated
that many around the world suspect organized crime to be behind the virus, and while many
are convinced criminals in Russia to be behind the attack, others warn that the perpetrators
may simply have been using domains registered in Russia to cover their tracks. The reward for information leading to the
arrest of the perpetrators now skyrockets to $650,000, the largest such bounty to date. Three days later, the first version of MyDoom
is programmed to stop spreading. Despite this, the backdoor secretly installed
by the malicious bug remains open, and the perpetrators continue to have access to as
many as over half a million computers around the world. By the first of March, MyDoom.B also self-terminates,
but naturally the backdoor remains open. Security experts work to undo the damage caused
by MyDoom, and costs climb into the hundreds of millions in lost revenue and technical
assistance. The worm's slow down of the internet itself
affects even businesses not targeted by the attack, causing e-commerce itself to slow
down and further inflating the economic damage of the worm. Then in the middle of the summer, another
variant of MyDoom manages to bring down Google, while also attacking popular search engines
AltaVista and Lycos. Google quickly recovers, but is down for nearly
a full day, and other search engines are so badly affected that they are significantly
slowed down. However, knowledge of MyDoom has led to a
steep reduction in infected computers, and despite fears of a new, more powerful variant
of MyDoom being on the horizon, several updated versions of the worm fail to gain as much
traction. By early 2005, MyDoom has been largely neutralized,
and new software updates have plugged the vulnerabilities left behind in the virus's
wake. The world breathes a sigh of relief... then
in 2009, MyDoom resurfaces again. This time the attack is highly targeted, hitting
government and financial networks in South Korea and the United States. South Korea's Blue House- the equivalent of
the American White House- and the actual American White House are targeted, as well as the Pentagon,
the South Korean National Intelligence Service, its National Assembly, and the American New
York Stock Exchange, Washington Post, NASDAQ, and Amazon. The attack is very quickly identified, and
global security experts realize that it is using bits of MyDoom's code, resurrecting
the dead worm as some kind of electronic Frankenstein's monster. For a full week both the US and South Korea
weather a storm of electronic attacks against its government and financial networks. It's believed that whoever is launching the
attacks is merely attempting to disrupt services, rather than penetrate networks and actually
steal data- however, it is later discovered that part of the code used in the attack was
meant to destroy data and stop infected computers from being rebooted. Security experts however are unsure if this
code was ever activated, or if it was ever meant to. Despite coordinated and ongoing attacks over
the course of a full week, the overall impact is low on the US and South Korea. Enough electronic commerce however has been
disrupted to cause millions in financial losses. North Korea is very quickly identified as
the culprit of the attack by the South's intelligence services, though some security experts have
their doubts. The timing appears to be too coincidental,
as on the day of the attack North Korea also carried out a ballistic missile test, and
intelligence reveals that North Korea had ordered its cyber warriors to destroy South
Korea's communications networks. However, the culprits of the original MyDoom
attack remain unknown to this day. What is known is that the malicious attack
caused anywhere between $30 and $50 billion in damage, affecting not just American companies
but companies around the world. To date it remains the most destructive virus
in terms of raw economic impact, and traces of the virus continue to infect unwary internet
users around the world. Now go watch The Virus That Saved The World
From Nuclear Iran, or click this other video instead!
