Protecting Against Programmed Threats
Not much is known about
the people who write and install programmed threats, largely because
so few have been identified. Based on those authors who are known
to authorities, they can probably be grouped into a few major categories.
One of the largest categories of individuals who cause security
problems includes disgruntled employees or ex-employees who feel
that they have been treated poorly or who bear some grudge against
their employer. These individuals know the potential weaknesses
in an organization's computer security. Sometimes they
may install logic bombs or back doors in the software in case of
future difficulty. They may trigger the code themselves, or have
it be triggered by a bug or another employee.
A second category includes thieves and embezzlers. These individuals
may attempt to disrupt the system to take advantage of the situation,
or to mask evidence of their criminal activity.
or political espionage or sabotage is another reason people might
write malicious software. Programmed threats are a powerful and
potentially untraceable means of obtaining classified or proprietary
information, or of delaying the competition (sabotage), although
not very common in practice.
may also be a motive, with the authors threatening to unleash destructive
software unless paid a ransom. Many companies have been victims
of a form of extortion in which they have agreed not to prosecute
(and then sometimes go on to hire) individuals who have broken into
or damaged their systems. In return, the criminals agree to disclose
the security flaws that allowed them to crack the system. An implied
threat is that of negative publicity about the security of the company
if the perpetrator is brought to trial, and that of additional damage
if the flaws are not revealed and corrected.
Undoubtedly, some programmed threats
are written by experimenters and the curious. Other damaging software
may be the result of poor judgment and unanticipated bugs.
Of course, many accidents can be viewed as criminal, too, especially
if they're conducted with reckless disregard for the potential
Another motivation for writing a virus or worm might be
to profit, gain fame, or simply derive some ego gratification from
the pursuit. In this scenario, someone might write a virus and release
it, and then either try to gain publicity as its discoverer, be
the first to market software that deactivates it, or simply brag
about it on a bulletin board. We do not know if this has happened
yet, but the threat is real as more media coverage of computer crime
occurs, and as the market for antiviral and security software grows.
One ongoing element in PC virus writing seems to be an underlying
political motivation. These viruses make some form of politically
oriented statement when run or detected, either as the primary purpose
or as a form of smokescreen. This element raises the specter of
virus-writing as a tool of political extremists seeking a forum,
or worse, the disruption or destruction of established government,
social, or business institutions. Obviously, targeting the larger
machines and networks of these institutions would serve a larger
what their numbers or motives, authors of code that intentionally
destroys other people's data are vandals. Their intent
may not be criminal, but their acts certainly are. Portraying these
people as heroes or simply as harmless "nerds"
masks the dangers involved and may help protect authors who attack
with more malicious intent.