As you might have read, we decided to declare November 3 as Antimalware Day because it was on this date in
1983, when computer scientist Dr. Fred Cohen, then a student, created a program capable of
rapidly overtaking a general purpose system, as part of a university
experiment. It was the first time a program like that was called a computer
virus, and it meant the beginning of computer defense techniques.
We continue the Antimalware Day celebration, an
ESET initiative, by going back to that fateful day in 1983 when this program
and its name were born. At that moment, the virus was defined as “a program
that can ‘infect’ other programs by modifying them to include a possibly
evolved copy of itself”.
Dr. Cohen demonstrated a virus-like program he
created after eight hours of work on a VAX11/750 system running Unix; it was
capable of installing itself in other system objects and infecting them.
He wanted to prove how quickly this program could
self-replicate. It was his teacher back then, Prof. Leonard
Adleman, who coined the term “computer virus” to name the program,
referring to its operation in terms of “infection”. He is a well-known computer
scientist, one of the creators of RSA encryption algorithm
(Rivest-Shamir-Adleman) and creator of DNA computing.
The Californian native not only gave a name to the
program, but he also obtained the permits needed to conduct those first
experiments at the University of Southern California (USC), and accompanied
Cohen during his research and supervised him while he was writing his PhD thesis.
Therefore, we can say, confidently, that he is the
right person to tell the story about how the first computer virus was born.
This is how he told us what happened on November 3,
1983:
I recall Fred, who was a student at my class,
coming up to me after class and saying “I have this idea for a new kind of
computer threat”. He said, “I will write this program and make it available to
all the users on our systems. I will advertise the program as doing something
useful, like organizing the user’s files”. But when they uploaded the program,
what it would actually do is surrender all control of their data and privileges
to Fred.
I said “Fred, yeah, that would work”. And he said
“I wanna try it”. And I said, “Fred, you don’t have to try it. It will
obviously work”. And Fred said “I wanna try it”. And I said “Fred, there’s no
point. It will do exactly what you say”. And Fred said “I wanna try it”. So
Fred was very sort of forceful and energetic. And so I finally went to the
Chairman of the Computer Science Department and asked for permission for Fred
to try this experiment on the department computer.
This was 1983, there were no smartphones or
anything similar to personal computers, and the department computer was used by
the entire faculty, all the students and all the administrators. Fortunately,
the Chairman said “Sure, why not?”, so Fred did his experiment and wrote his
program. Think of that program as one of the fake apps we speak about today, a thing that is advertised to
do something but when you download it, it might do something else.
When he had done his experiment, his lecturer,
Prof. Adleman, invited him to report the results to the class:
The program had done exactly what he had claimed it
would do. It very rapidly was taken up by users of the system and all rights
and privileges and data of the system were surrendered to Fred.
Cohen went on to do several experiments, and it
never took more than a couple hours before he had complete access and complete
control of the entire computer. So it worked.
Realizing what had just happened and what this
virus meant
As passionate as he was with these experiments,
Fred Cohen started thinking about what else could be done with these kinds of
programs. According to Prof. Adleman:
He had all sorts of ideas, as I recall, about good
things you could do with these programs. They would sort of run around and
organize data without your intervention, they would do good things, but of
course, it was also possible that they could do bad things.
So when word got out about Fred’s success, other people
started thinking about what these kinds of computer threats could do, and the
Chairman didn’t want any more experiments done on his computer.
Not that this was going to stop Fred’s interest in
the matter: he was intensely interested and wanted to write his PhD thesis on
it. Since he was in the Electrical Engineering Department and Prof. Adleman was
in the Computer Science Department, the latter became his de facto supervisor,
adding a theoretical perspective to the investigation, attempting to give a
definition of what a computer virus was, and proving that it would be very
difficult to stop them or recognize them all:
I would meet with Fred on a regular basis to discuss
this, and I at the same time was doing research on HIV in a molecular biology
lab. So viruses and how they worked were sort of much in my mind and I was
reading a lot about molecular biology at that time. And so somewhere along the
line during our discussions I started calling these things computer viruses.
Then sometime after that, I was at a conference on
cryptography and ran into a reporter from the LA Times. His name was Lee
Dembart, and Lee asked me what was going on. I said “not much, I’ve got a
student who is researching something we’re calling computer viruses, but the
research is embryotic and we haven’t got much now”.
Of course, saying the name ‘computer virus’ to a
journalist when nobody knew about them was planting the seed, and the story wrote
itself from that moment. “Lee wrote the story about it. I have never been able
to find that copy but I think it was illustrated with a computer with a
thermometer. And that’s what got the term computer virus out into the world”,
he concluded.
When did we start talking about viruses?
“Saying the name ‘computer
virus’ to a journalist when nobody knew about them was planting the seed”
Prof. Adleman acknowledges the term had been
already used in science fiction at the time, for example in the movie Westworld
of 1973, where the staff of the park meets to discuss the spread of
malfunctions in the robots that were being caused by a sort of virus, analogous
to the ones that cause infectious diseases.
And if you are thinking “wait, I remember Creeper,
Elk Cloner and other early threats as also being the first viruses”, you are right.
Remember, this was 1983 and there was no internet as we know it today, no
smartphones or social media, so Fred Cohen and Len Adleman didn’t actually know
about these other experimental programs. Anyway, none of them were actually
called a “virus” at the time:
We weren’t aware of other experiments apart from
ours. I’ve learned since then that other computer programs that had been
written by other people also have the claim to be the first computer virus, but
at the time we didn’t know any of that.
Whether Dr.Cohen’s was the actual first computer
virus or not, we can certainly say that the reason we all now know these things
as computer viruses today is because they both started calling them computer
viruses at that time.