Sign up to our newsletter
In the early 1980s, with computer technology in its relative infancy and worldwide internet access a distant dream, the idea that computers sitting benign and beige on work desks could become infected with a virus was still, by and large, the stuff of science fiction.
Whilst there had been early versions of what we’d now term a virus, for example, Elk Cloner, written for Apple in 1981, they weren’t the kind of malicious constructs with which we are now all-too-familiar.
It was against this background that users who had purchased software developed by a Pakistan-based company innocently inserted now archaic floppy disks containing medical software into their PCs, but found they had installed more than they bargained for. And what happened on January 19th, 1986, changed the world of computing forever.
The software, which quietly installed itself onto diskettes, was developed by two brothers Basit and Amjad Farooq Alvi from Lahore (while this is accepted wisdom, other experts have questioned this). This boot sector virus is generally now regarded as the first PC virus, named Brain after the company the brothers ran (and indeed still run).
But what made these software developers want to create something like this? Surprisingly, it was protection rather than attack that was foremost on their mind when developing the program (although, as some researchers argue, it doesn’t really act as a software protection scheme).
Worried that their software was being unfairly/immorally copied, they wrote a program that they hoped would secure their software. Ironically, in trying to protect themselves – as the brothers claim – they unwittingly attacked the PCs of others. Again, it’s important to note that this is the story put forward by the Alvi brothers – it could easily have been retaliatory, to punish software pirates.
Speaking in a documentary in 2011, Amjad Farooq Alvi explained that the idea also came about due to intellectual curiosity. “We were experimenting with a few things. One thing was whether in DOS we can have multitasking,” he said.
They were also interested in exploring the security of the then-new operating system. “The DOS was something new and when we explored the security issues of DOS [we] realized it was possible [to infiltrate] it with a piece of code.”
Finally, the brothers were interested in seeing how widely their software was being used. “[We wanted] to find out how the floppies and how the programs and software move around,” explained Alvi. “We [could] see and watch whether it’s going to spread around the world or remain within a certain group of people.”
Unfortunately, the software written by the brothers ended up being rather too successful. The virus spread – to other floppies – and many users, worried by the message that popped up on their screens, contacted the brothers – they had, after all, included their contact details in the display message.
Like many clever concepts, the ideas behind the software were eagerly gobbled up by those looking to enhance – and show off – their computing skills. Copycat viruses were developed, but initially, these were not intended to be malicious.
It would not be until the turn of the 21st century that the criminalization of malware really began to take shape (here’s an interesting paper from 2012, by ESET’s Aryeh Goretsky, that looks back at the early days of computer viruses and contextualizes them with today’s threats).
With the concept of a computer virus proposed as early as the 1940s, it is likely that without Brain and its predecessors, viruses would have sprung forth regardless, from a different source. So whilst the infiltration of DOS was big news in many ways, the virus was simply a step in an inevitable process.
Computer viruses as we know them today flourish via the internet, which enabled viruses to spread more subtly without the insertion of a disk or other external devices. But back in the 1980s, Brain gave us a glimpse into a world full of possibilities, both exciting and rather more sinister.
Author Editor, ESET