In the beginning, when most of the internet was still rolling green fields, there was no need for antivirus software. Early web users could swap files with anyone without risk of infection - and they did, en masse, on messageboards and servers across the early web. Those were carefree days.
But in the early 80s, just like in the real world, everything changed. A program called 'Elk Cloner' was the first computer virus to appear in the wild. It was more of a practical joke than anything else, merely displaying a short poem if the videogame it was hidden inside was played more than fifty times, but it gave others more malicious ideas.
Early viruses spread over physical vectors like floppies and zip disks, but as the internet hooked up more and more computers, it quickly took over as the primary means of infection. Today, viruses cause billions of dollars' worth of economic damage every year through data loss, systems failure, resource wastage and maintenance costs.
Virus creators and security researchers are fighting a brutal arms race over each new vulnerability discovered, while consumers suffer under the weight of bloated antivirus software that often does more harm than good. To date, no antivirus software can catch all malware.
But can we turn back the clock? Can we return to those halcyon days when you could let your parents play for hours unsupervised with an unpatched version of Internet Explorer?
Breaking the stalemate
An Israeli startup called CyActive believes it has a secret weapon that could finally wipe computer viruses off the face of the planet forever. "We've developed an unprecedented ability to automatically forecast the future of malware evolution, based on bio-inspired algorithms and a deep understanding of the black-hats' attack-launching process," explains Danny Lev, chief marketing officer at the company.
CEO Liran Tancman, who spent a decade in Israel's intelligence corps and was head of its cyber strategy unit before founding CyActive in 2013, details the problems with our modern approach to fighting viruses. "If and when a threat is exposed, it is analysed and a counter-solution is designed," he says. "Response times vary from weeks to years. Even if a solution is made available, attackers can easily modify the original code, evade the updated security measures, and once again a new threat is born."
This is a problem primarily because it's so inefficient, he says. "Attackers keep adapting to the evolving defences, despite the significant efforts exerted by cyber defenders in both enterprise and the cyber security solution vendor community. The unnerving ability of cyber-criminals, cyber terrorists and rogue nations to circumvent defensive mechanisms time and time again must be addressed to fundamentally change this battleground."
Lev added: "The reactive paradigm creates an asymmetric relationship, whereby hackers have the unfair advantage: 'recycling' malware for re-use is quick and cost-effective, while fighting malware is time-consuming and expensive. The mind-boggling fact is that for every dollar spent by black-hat hackers, hundreds of dollars are spent by the IT security industry. This economic imbalance is the springboard from which cyber-crime, cyber-terrorism and cyber-warfare are launched."
CyActive's approach to solving this problem involves predicting in advance how virus creators might vary their malware, blocking potential attacks before they're even created. "CyActive's algorithms predict hundreds of thousands of ways in which hackers could evade existing security measures," says Lev.
"Based on this foreknowledge, CyActive is the first to offer proactive detection of future malware before it has ever seen the light of day." That technique has won it funding from an Israeli cyber-security incubator.
However, despite the startup's grand claims of "unparalleled protection" for its customers, Lev declined to detail exactly what aspects of biology inspired the "bio-inspired" algorithms. When asked what's stopping virus creators adapting their software to outwit CyActive's algorithm, Lev said: "We constantly adapt the detectors, making sure we stay one step ahead." To us, that sounds suspiciously like we're back to square one of measures and countermeasures.