Computer Virus That Caused $50 Billion Damage

Fifty. Billion. Dollars. It’s a huge number, but as you’ll see in today’s video, that was the cost of the damage caused by just one computer virus. 26th January, 2004. It's 8 am eastern time and the sun is rising over the east coast of the United States. Tens of millions of commuters make their daily drive to offices from New York to Florida, sitting down to open their emails and get the world of American business started for the day. Each person's inbox is unique, but a few thousand workers can't help but spot a unique email amongst the typical spam, office gossip, or family member saying hello.
The email's message varies- for some it's a failed delivery notification, for others it's a simple “hey!” or “Click me baby, one more time”, a funny throwback to Britney Spears's 1998 megahit pop song. Wary of unknown email addresses, most people don't open the email and assume it's spam. However, a handful of people do open the email. Out of them, several actually click the attached link. That's all it'll take to unleash the most expensive computer virus in history. The virus immediately scans the address book of the few fools who actually opened the included attachment, installing itself on their machines. Then, over the course of a few seconds, the virus emails itself to every single contact in the user's address book. This generates a new wave of infected emails- only this time coming from email addresses familiar, and safe, to hundreds of people. Those hundreds open their infected emails from a trusted source, immediately infecting their own computers. Once more, the virus scans their address books and emails itself to every contact on it. Within the span of an hour, a single infected user has successfully spread the infection to thousands of other users, the virus growing its web across the American east coast and far beyond. By 9pm eastern, the virus, which originated from Russia, has begun to reach computers across the world. By noon, the tech world has woken up to the monster that is MyDoom. Security companies around the world race to identify the virus and work on a fix to the infection. By lunchtime in America, the virus has spread globally, with one in ten emails being sent containing the virus. Its reach is so pervasive that global internet speeds actually slow down by ten percent, and loading times on the average web page increase by a whopping fifty percent. IT experts are already working to reverse engineer the virus' code and come up with a fix.
They allow the virus to infect an isolated network so they can monitor how the virus behaves- and more importantly, what the ultimate goal is. Perhaps it's just a harmless prank... with the staggering rate of infection computer security companies around the world certainly hope so, but their hopes are quickly dashed. The virus is preparing for stage one of an unknown nefarious purpose, with the infected computers being roped in to create what may be the largest botnet of infected computers in internet history. But who is creating a massive global network of slave computers, and once they have it, to what end will they turn the personal computers of hundreds of thousands of users? By the afternoon the virus has hit prime time and newscasters around the world are warning users to update their virus protection. However, it's already too late for most people, or even worse- suspicious users refuse to allow their anti-virus protections to automatically download critical updates, fearing a fresh infection. MyDoom continues to spread almost completely unchecked. By the next day the FBI and Secret Service begin to investigate the origins of the worm, and a $250,000 reward is offered for information leading to the arrest of the worm's creator. As users have become more aware, the spread of MyDoom has slowed slightly; it now is only in one in twelve of all emails being sent globally, still causing massive slowdowns of the internet. Even worse, a second version of the worm, MyDoom.B, begins to spread. Two days after the spread of MyDoom, MyDoom.B has now been officially discovered. This new version of the virus is even more malicious than the last, actually preventing users from updating their antivirus software and thus keeping their computers vulnerable to infection.
While global security agencies have now identified Russia as the source of the attack, the massive global botnet is turned against Microsoft and internet security company SCO Group in a Distributed Denial of Service attack meant to bring the two companies' networks to a screeching halt. However, the attack appears to be faulty, and it's quickly realized that the real purpose of MyDoom is to grant whoever unleashed it backdoor access to Microsoft and SCO Group's computers. Despite initially slowing down, MyDoom's spread has now skyrocketed, with half of all email traffic in the world containing the virus. The virus now works to actively block users from the websites of over 60 internet security companies, leaving users unable to download critical security updates and fixes. MyDoom.B is working to ensure that infected users remain that way, and is being shockingly successful at it. Also targeted are online marketing companies, including many prominent American ones. In what may be the least annoying side-effect for infected users, MyDoom has prevented pop-up ads from DoubleClick and other advertisement companies from appearing. The financial impact however very quickly climbs into the tens of millions, both from lost revenue and the very quickly rising costs of technical support for users around the world. By the end of January, bugs in MyDoom.B's code are actually working against it, dramatically slowing down the rate of infection. However, it has already embedded itself in computers around the world, slowing down web traffic. Microsoft now matches the previous quarter million dollar reward for information leading to the arrest of MyDoom's creator, raising the bounty to half a million dollars.
On the 1st of February, MyDoom really comes to life in a massive denial of service attack against the SCO Group, causing the company to move its website from www.sco.com to www.thescogroup.com in order to stay ahead of the attack, but most users are unable to reach the group's website. This has now become the largest electronic attack in history, as over one million computers are unleashed in a massive botnet built by MyDoom. While over 13% of all American computers are infected, in Russia- the virus' country of origin- this figure is much lower due to better security measures taken by users. Two days later MyDoom is unleashed against Microsoft, but the company has been very well prepared for this attack. Microsoft has already created an alternate website for users to access via information.microsoft.com, which the worm fails to target. The company has also been taking proactive measures in anticipation of the electronic assault to come, and its IT experts are very well prepared for the attack. In fact, Microsoft is so well prepared, that the effect of the attack against the company is less than the burden of normal day-to-day software updates distributed by the company. The unstoppable computer virus has at last met its match, and been roundly defeated. That does not mean the nightmare is over however. Despite it being known that MyDoom.B was attempting to create a backdoor into infected computers, many users remain unaware and on February 9th, Doomjuice is unleashed. This worm spreads only to infected computers, using the backdoor created by MyDoom.B to gain access. A new DDoS attack against Microsoft is launched. Though the identity of the virus creators remains unknown, Russian security firm Kaspersky Labs confirms that the virus is Russian in origin and works with authorities to track down the perpetrators.
While the world remains focused on the DDoS attacks, Kaspersky Labs warns that the true purpose of the virus may be to create massive email relays that can be sold to the spam industry for incredible profit. The attack is so sophisticated and well-coordinated that many around the world suspect organized crime to be behind the virus, and while many are convinced criminals in Russia are behind the attack, others warn that the perpetrators may simply have been using domains registered in Russia to cover their tracks. The reward for information leading to the arrest of the perpetrators now skyrockets to $650,000, the largest such bounty to date. Three days later, the first version of MyDoom is programmed to stop spreading. Despite this, the backdoor secretly installed by the malicious bug remains open, and the perpetrators continue to have access to as many as over half a million computers around the world. By the first of March, MyDoom.B also self-terminates, but naturally the backdoor remains open. Security experts work to undo the damage caused by MyDoom, and costs climb into the hundreds of millions in lost revenue and technical assistance. The worm's slowdown of the internet itself affects even businesses not targeted by the attack, causing e-commerce itself to slow down and further inflating the economic damage of the worm. Then in the middle of the summer, another variant of MyDoom manages to bring down Google, while also attacking popular search engines AltaVista and Lycos. Google quickly recovers, but is down for nearly a full day, and other search engines are so badly affected that they are significantly slowed down. However, knowledge of MyDoom has led to a steep reduction in infected computers, and despite fears of a new, more powerful variant of MyDoom being on the horizon, several updated versions of the worm fail to gain as much traction.
By early 2005, MyDoom has been largely neutralized, and new software updates have plugged the vulnerabilities left behind in the virus's wake. The world breathes a sigh of relief... then in 2009, MyDoom resurfaces again. This time the attack is highly targeted, hitting government and financial networks in South Korea and the United States. South Korea's Blue House- the equivalent of the American White House- and the actual American White House are targeted, as well as the Pentagon, the South Korean National Intelligence Service, its National Assembly, and the American New York Stock Exchange, Washington Post, NASDAQ, and Amazon. The attack is very quickly identified, and global security experts realize that it is using bits of MyDoom's code, resurrecting the dead worm as some kind of electronic Frankenstein's monster. For a full week both the US and South Korea weather a storm of electronic attacks against their government and financial networks. It's believed that whoever is launching the attacks is merely attempting to disrupt services, rather than penetrate networks and actually steal data- however, it is later discovered that part of the code used in the attack was meant to destroy data and stop infected computers from being rebooted. Security experts however are unsure if this code was ever activated, or if it was ever meant to. Despite coordinated and ongoing attacks over the course of a full week, the overall impact is low on the US and South Korea. Enough electronic commerce however has been disrupted to cause millions in financial losses. North Korea is very quickly identified as the culprit of the attack by the South's intelligence services, though some security experts have their doubts. The timing appears to be too coincidental, as on the day of the attack North Korea also carried out a ballistic missile test, and intelligence reveals that North Korea had ordered its cyber warriors to destroy South Korea's communications networks.
However, the culprits of the original MyDoom attack remain unknown to this day. What is known is that the malicious attack caused anywhere between $30 and $50 billion in damage, affecting not just American companies but companies around the world. To date it remains the most destructive virus in terms of raw economic impact, and traces of the virus continue to infect unwary internet users around the world.
Info
Channel: The Infographics Show
Views: 378,556
Keywords: virus, mydoom, computer virus, malware, computer, computers, internet, infographics, the infographics show, hacked, hacker, hackers, crime, billions, 50 billion hack, 50 billion
Id: cRH-khasTfg
Length: 12min 8sec (728 seconds)
Published: Thu Apr 15 2021