Placeholder Image

Subtitles section Play video

  • Fifty.

  • Billion.

  • Dollars.

  • It's a huge number, but as you'll see in today's video, that was the cost of the

  • damage caused by just one computer virus.

  • Even if you don't have billions of dollars to lose, you still have to keep yourself protected

  • when you're browsing online.

  • And that's why we're so happy that today's video was sponsored by Private Internet Access,

  • the leading no-log VPN service with over 30 million downloads.

  • Not only does Private Internet Access's VPN keep you safe by hiding your IP address

  • and protecting your private information, it also helps you browse the internet in the

  • way it was meant to be experienced, free of geo-restrictions or other location based blocks.

  • I use a VPN literally every day, both to keep my information from being exposed to bad actors,

  • the very same kind who might try to infect my machine with a devastating virus, but also

  • to watch video from sources that are blocked in my country.

  • Private Internet Access's VPN has access to nearly 20,000 servers in 70 countries,

  • works on virtually any device regardless of platform, a kill switch that disconnects you

  • from the internet if your VPN connection drops to ensure that your real IP isn't leaked,

  • and best of all, no logging

  • Ever!

  • So what are you waiting for?

  • Give it a try today with the link in the description and get 2 years plus 3 extra months free for

  • just $2.59 per month!

  • 26th January, 2004.

  • It's 8 am eastern time and the sun is rising over the east coast of the United States.

  • Tens of millions of commuters make their daily drive to offices from New York to Florida,

  • sitting down to open their emails and get the world of American business started for

  • the day.

  • Each person's inbox is unique, but a few thousand workers can't help but spot a unique email

  • amongst the typical spam, office gossip, or family member saying hello.

  • The email's message varies- for some it's a failed delivery notification, for others

  • it's a simplehey!” orClick me baby, one more time”, a funny throwback to Brittney

  • Spear's 1998 megahit pop song.

  • Wary of unknown email addresses, most people don't open the email and assume it's spam.

  • However, a few handful of people do open the email.

  • Out of them, several actually click the attached link.

  • That's all it'll take to unleash the most expensive computer virus in history.

  • The virus immediately scans the address book of the few fools who actually opened the included

  • attachment, installing itself on their machines.

  • Then, over the course of a few seconds, the virus emails itself to every single contact

  • in the user's address book.

  • This generates a new wave of infected emails- only this time coming from email addresses

  • familiar, and safe, to hundreds of people.

  • Those hundreds open their infected emails from a trusted source, immediately infecting

  • their own computers.

  • Once more, the virus scans their address books and emails itself to every contact on it.

  • Within the span of an hour, a single infected user has successfully spread the infection

  • to thousands of other users, the virus growing its web across the American east coast and

  • far beyond.

  • By 9pm eastern, the virus, which originated from Russia, has begun to reach computers

  • across the world.

  • By noon, the tech world has woken up to the monster that is MyDoom.

  • Security companies around the world race to identify the virus and work on a fix to the

  • infection.

  • By lunchtime in America, the virus has spread globally, with one in ten emails being sent

  • containing the virus.

  • Its reach is so pervasive that global internet speeds actually slow down by ten percent,

  • and loading times on the average web page increase by a whopping fifty percent.

  • IT experts are already working to reverse engineer the virus' code and come up with

  • a fix.

  • They allow the virus to infect an isolated network so they can monitor how the virus

  • behaves- and more importantly, what the ultimate goal is.

  • Perhaps it's just a harmless prank... with the staggering rate of infection computer

  • security companies around the world certainly hope so, but their hopes are quickly dashed.

  • The virus is preparing for stage one of an unknown nefarious purpose, with the infected

  • computers being roped in to create what may be the largest botnet of infected computers

  • in internet history.

  • But who is creating a massive global network of slave computers, and once they have it,

  • to what end will they turn the personal computers of hundreds of thousands of users to?

  • By the afternoon the virus has hit prime time and newscasters around the world are warning

  • users to update their virus protection.

  • However, it's already too late for most people, or even worse- suspicious users refuse to

  • allow their anti-virus protections to automatically download critical updates, fearing a fresh

  • infection.

  • MyDoom continues to spread almost completely unchecked.

  • By the next day the FBI and Secret Service begin to investigate the origins of the worm,

  • and a $250,000 reward is offered for information leading to the arrest of the worm's creator.

  • As users have become more aware, the spread of MyDoom has slowed slightly, it now is only

  • in one in twelve of all emails being sent globally, still causing massive slowdowns

  • of the internet.

  • Even worse, a second version of the worm, MyDoom.B begins to spread.

  • Two days after the spread of MyDoom, MyDoom.B has now been officially discovered.

  • This new version of the virus is even more malicious than the last, actually preventing

  • users from updating their antivirus software and thus keeping their computers vulnerable

  • to infection.

  • While global security agencies have now identified Russia as the source of the attack, the massive

  • global botnet is turned against Microsoft and internet security company SCO Group in

  • a Distributed Denial of Service attack meant to bring the two company's networks to a screeching

  • halt.

  • However, the attack appears to be faulty, and it's quickly realized that the real purpose

  • of MyDoom is to grant whoever unleashed it backdoor access to Microsoft and SCO Group's

  • computers.

  • Despite initially slowing down, MyDoom spread has now skyrocketed, with half of all email

  • traffic in the world containing the virus.

  • The virus now works to actively block users from the websites of over 60 internet security

  • companies, leaving users unable to download critical security updates and fixes.

  • MyDoom.B is working to ensure that infected users remain that way, and is being shockingly

  • successful at it.

  • Also targeted are online marketing companies, including many prominent American ones.

  • In what may be the least annoying side-effect for infected users, MyDoom has prevented pop-up

  • ads from DoubleClick and other advertisement companies from appearing.

  • The financial impact however very quickly climbs into the tens of millions, both from

  • lost revenue and the very quickly rising costs of technical support for users around the

  • world.

  • By the end of January, bugs in MyDoom.B's code are actually working against it, dramatically

  • slowing down the rate of infection.

  • However, it has already embedded itself in computers around the world, slowing down web

  • traffic.

  • Microsoft now matches the previous quarter million dollar reward for information leading

  • to the arrest of MyDoom's creator, raising the bounty to half a million dollars.

  • On the 1st of February, MyDoom really comes to life in a massive denial of service attack

  • against the SCO Group, causing the company to move its website from www.sco.com to www.thescogroup.com

  • in order to stay ahead of the attack, but most users are unable to reach the group's

  • website.

  • This has now become the largest electronic attack in history, as over one million computers

  • are unleashed in a massive botnet built by MyDoom.

  • While over 13% of all American computers are infected, in Russia- the virus' country of

  • origin- this figure is much lower due to better security measures taken by users.

  • Two days later MyDoom is unleashed against Microsoft, but the company has been very well

  • prepared for this attack.

  • Microsoft has already created an alternate website for users to access via information.microsoft.com,

  • which the worm fails to target.

  • The company has also been taking proactive measures in anticipation of the electronic

  • assault to come, and its IT experts are very well prepared for the attack.

  • In fact, Microsoft is so well prepared, that the effect of the attack against the company

  • is less than the burden of normal day-to-day software updates distributed by the company.

  • The unstoppable computer virus has at last met its match, and been roundly defeated.

  • That does not mean the nightmare is over however.

  • Despite it being known that MyDoom.B was attempting to create a backdoor into infected computers,

  • many users remain unaware and on February 9th, Doomjuice is unleashed.

  • This worm spreads only to infected computers, using the backdoor created by MyDoom.B to

  • gain access.

  • A new DdoS attack against Microsoft is launched.

  • Though the identity of the virus creators remains unknown, Russian security firm Kaspersky

  • Labs confirms that the virus is Russian in origin and works with authorities to track

  • down the perpetrators.

  • While the world remains focused on the DdoS attacks, Kaspersky Labs warns that the true

  • purpose of the virus may be to create massive email relays that can be sold to the spam

  • industry for incredible profit.

  • The attack is so sophisticated and well-coordinated that many around the world suspect organized

  • crime to be behind the virus, and while many are convinced criminals in Russia to be behind

  • the attack, others warn that the perpetrators may simply have been using domains registered

  • in Russia to cover their tracks.

  • The reward for information leading to the arrest of the perpetrators now skyrockets

  • to $650,000, the largest such bounty to date.

  • Three days later, the first version of MyDoom is programmed to stop spreading.

  • Despite this, the backdoor secretly installed by the malicious bug remains open, and the

  • perpetrators continue to have access to as many as over half a million computers around

  • the world.

  • By the first of March, MyDoom.B also self-terminates, but naturally the backdoor remains open.

  • Security experts work to undo the damage caused by MyDoom, and costs climb into the hundreds

  • of millions in lost revenue and technical assistance.

  • The worm's slow down of the internet itself affects even businesses not targeted by the

  • attack, causing e-commerce itself to slow down and further inflating the economic damage

  • of the worm.

  • Then in the middle of the summer, another variant of MyDoom manages to bring down Google,

  • while also attacking popular search engines AltaVista and Lycos.

  • Google quickly recovers, but is down for nearly a full day, and other search engines are so

  • badly affected that they are significantly slowed down.

  • However, knowledge of MyDoom has led to a steep reduction in infected computers, and

  • despite fears of a new, more powerful variant of MyDoom being on the horizon, several updated

  • versions of the worm fail to gain as much traction.

  • By early 2005, MyDoom has been largely neutralized, and new software updates have plugged the

  • vulnerabilities left behind in the virus's wake.

  • The world breathes a sigh of relief... then in 2009, MyDoom resurfaces again.

  • This time the attack is highly targeted, hitting government and financial networks in South

  • Korea and the United States.

  • South Korea's Blue House- the equivalent of the American White House- and the actual American

  • White House are targeted, as well as the Pentagon, the South Korean National Intelligence Service,

  • its National Assembly, and the American New York Stock Exchange, Washington Post, NASDAQ,

  • and Amazon.

  • The attack is very quickly identified, and global security experts realize that it is

  • using bits of MyDoom's code, resurrecting the dead worm as some kind of electronic Frankenstein's

  • monster.

  • For a full week both the US and South Korea weather a storm of electronic attacks against

  • its government and financial networks.

  • It's believed that whoever is launching the attacks is merely attempting to disrupt services,

  • rather than penetrate networks and actually steal data- however, it is later discovered

  • that part of the code used in the attack was meant to destroy data and stop infected computers

  • from being rebooted.

  • Security experts however are unsure if this code was ever activated, or if it was ever

  • meant to.

  • Despite coordinated and ongoing attacks over the course of a full week, the overall impact

  • is low on the US and South Korea.

  • Enough electronic commerce however has been disrupted to cause millions in financial losses.

  • North Korea is very quickly identified as the culprit of the attack by the South's intelligence

  • services, though some security experts have their doubts.

  • The timing appears to be too coincidental, as on the day of the attack North Korea also

  • carried out a ballistic missile test, and intelligence reveals that North Korea had

  • ordered its cyber warriors to destroy South Korea's communications networks.

  • However, the culprits of the original MyDoom attack remain unknown to this day.

  • What is known is that the malicious attack caused anywhere between $30 and $50 billion

  • in damage, affecting not just American companies but companies around the world.

  • To date it remains the most destructive virus in terms of raw economic impact, and traces

  • of the virus continue to infect unwary internet users around the world.

  • Now go watch The Virus That Saved The World From Nuclear Iran, or click this other video

  • instead!

Fifty.

Subtitles and vocabulary

Operation of videos Adjust the video here to display the subtitles

B1 attack infected worm microsoft security korea

Computer Virus That Caused $50 Billion Damage

  • 5 0
    Summer posted on 2021/04/16
Video vocabulary