Here is an article re the 2000 ‘I Love You’ virus and its author Onel de Guzman from Pandacan Manila. He was only a student at the time and is now 44yo working as a phone tech. The bug is estimated to have caused US$5.5–8.7 billion in damages worldwide and had cost US$15 billion to remove. Everyone remembers this virus. I was a part time computer technician and my client was hit very hard. Most of their computers were infected and it caused widespread panic.
I have a couple of takeaways from this event. Foremost at the time was how easy it was to infect anyone using Microsoft Outlook. I had already blacklisted Outlook at the time due to its obvious propensity for viruses via allowing .vbs and .exe files execute freely and the fact it used to save everything, including email, attachments, calendar entries etc., into one giant data file (I forget what the name is now).
Its’ ‘all eggs in one basket’ system made a disaster inevitable. The moment that file was corrupted in any way all the user’s data was gone. Outlook like all MS products blatantly try to make you use its other apps by hiding features that you need until you buy the whole MS Office. An unnecessary annoyance considering there were so many capable free options out there that didn’t force you to buy anything, but people still liked Outlook because ‘it looked cool’.
My 2nd takeaway is how it was the first effective malicious social engineering app. No one, ABSOLUTELY NO ONE, can resist opening a message from a friend, acquaintance, co worker senior or junior, that allegedly declares their love for them. Ok fine I exaggerate but you have to admit 90% would still be accurate.
I bet if another attachment virus or otherwise were to spread with the same message again today it would still be as effective. People just can’t resist, the proof was obvious. People who’s computers were infected weren’t just annoyed at losing their work. They were embarrassed that they ‘fell’ for the idea that a co worker had a crush on them.
It is foremost on my mind that people are still the weakest links in any system’s chain. The best developers can work their magic coding the most amazing apps possible only for it to collapse due to humans just not getting it. Security devs and IT professionals privately bang their heads against the wall when they see clients and friends using apps haphazardly with little to no regard to security.
They open attachments, pass around memes with hidden worms, allow apps to access storage and the camera even if it has no need to, answer chain emails, download face apps that steal their info, use compromised messaging software because of its cute backgrounds and submit dancing videos for the entertainment of Chinese hackers.
So no, we haven’t really learned much since the Love Bug 20 years ago. Frankly it’s the malicious app developers who have had the most to gain. And it’s super easy. All they have to do is make their virus appear it came from a co worker who had a crush on you. Now we just have to wait for an app as easy to penetrate as MS Outlook and by God it would take over the world.
About me: I run https://kaijuhost.com, a webhosting and development company.