Placeholder Image

Subtitles section Play video

  • Computers are incredible.

  • By combining a few different parts, they can use electrical signals to store information,

  • perform billions of calculations per second, and connect you with the rest of the world.

  • But all those different components and connections are also vulnerable.

  • If a malicious piece of code, a computer virus, gets in, it can take over your computer and

  • make it totally useless, or even turn it into a weapon.

  • A virus is any type of code that’s designed to spread to lots of different computers whether

  • you like it or not.

  • And once your computer is infected, the virus usually does something bad.

  • Weve talked about some of the most damaging computer viruses before.

  • But there are lots of different kinds of viruses and malware, short formalicious software”,

  • all of which can ruin your day in different ways.

  • Some are programmed to hold your files ransom for money.

  • Some are designed to bring down the internet servers at the White House.

  • And some are meant to physically destroy uranium enrichment centrifuges.

  • The first virus on our list is the first virus that actually had the power to damage your

  • computer’s hardwareto fix it, you had to physically replace electronics.

  • It appeared in 1998, and became known as the Chernobyl virus.

  • It did more than just render your computer unusable: it turned it into a useless chunk

  • of plastic until you went out and replaced your computer’s BIOS chip.

  • BIOS stands for basic input/output system, and as the name suggests, one of its jobs

  • is to handle all of your computer’s input/output devices.

  • Like your keyboard and mouse, like your monitor, and your hard drive.

  • It’s what your microprocessor uses to talk to all the different parts of your computer

  • that you can actually interact with.

  • So if anything happens to your BIOS chipthere’s no way to fix it.

  • You can’t tell it how to fix itself without some kind of input/output device.

  • The Chernobyl virus would infect any files and programs you tried to use.

  • It’s what’s known as a space filler virus: it hides in the unused space inside of other files.

  • If those files were shared, or an infected program was redistributed, the virus travels

  • with them to a new machine, to infect even more stuff.

  • Then, the next April 26, which happens to be the anniversary of the Chernobyl nuclear

  • disaster, the Chernobyl virus would activate.

  • It would wipe out all the data on an infected computer, and overwrite the BIOS chip.

  • The virus did hundreds of millions of dollars worth of damage, and it’s still not been

  • completely quarantined.

  • Luckily, only machines running the Windows 95 and 98 operating systems are vulnerable,

  • so unless youre one of the people still using Windows 98, you probably don’t need

  • to worry about it.

  • The virus’s author was Taiwanese computer programmer Chen Ing Hau, who actually signed

  • the code with his own initials.

  • And, incredible as it sounds, he never did time.

  • At the time, what he did wasn’t illegal under Taiwanese cyber crime laws.

  • About 80% of the destructive malware on the internet are what’s known as worms.

  • Worms are standalone pieces of code that can infect your computer directly.

  • They don’t need to infect any specific program to work.

  • Some worms infected target computers via e-mail attachments.

  • You got an e-mail from someone in your address book, clicked on the attachment, and just

  • like that, you’d downloaded the worm.

  • The Code Red worm took a stealthier approach.

  • There was no e-mail attachment.

  • It attacked its victimscomputers through their connection to the internet.

  • To get infected, all you had to do was be online when the worm randomly tried to access

  • your IP address, your computer’s internet ID.

  • You also though had to be running a server that used Microsoft’s Internet Information

  • Services, which had a vulnerability the worm could exploit.

  • Code Red would send a long string of meaningless charactersthe letter N, like, fifty times

  • which would be more data than the computer was expecting.

  • That would give the worm access to parts of the computer’s memory where it wasn’t

  • supposed to be.

  • Once it wrote itself onto your machine, it would start looking for more random IP addresses

  • to infect.

  • That would slow your internet down to a crawl.

  • The name Code Red, might sound kind of cool, until you find out that it was named after

  • the flavor of soft drink the guy who discovered it was drinking at the time.

  • We at SciShow have begun to suspect that this was just some kind of massive Mountain Dew brand deal.

  • It was first spotted on July 13th, 2001.

  • Code Red infected 360,000 computers in under 14 hours.

  • That’s one of the fastest outbreaks of all time.

  • The plan was to overwhelm the White House's servers by having every machine infected with

  • Code Red send junk data to the IP address used by the White House.

  • But it didn't work.

  • Software security experts discovered the worm, and just changed the White House’s IP address

  • before the attack was launched.

  • The security flaw in Microsoft’s IIS was also fixed.

  • But between the loss of productivity experienced by the infected machines, and the cost of

  • cleaning everything up afterwards, Code Red did about 2.7 billion dollars in damage.

  • Whoever wrote it was never caught.

  • Another kind of malware is ransomware, which holds your data for ransom.

  • Syndicates who use ransomware can easily make millions of dollars per year from people and

  • businesses desperate to get their data back.

  • One of the most damaging ransomware programs is Cryptolocker, which hit its peak in 2013.

  • It mainly distributed itself via a botnet, a group of computers that had already been

  • infected with another virus.

  • You could also get it by opening the wrong kind of email attachment.

  • Honestly, it’s starting to seem like you should never open anything that you are emailed, ever.

  • The idea behind Cryptolocker was simple.

  • It would infect your computer, encrypt all your files, and then give you three days to

  • pay three hundred dollars in an untraceable currency like Bitcoin.

  • If you paid, they sent you the key to decrypt your files.

  • If you didn’t, Cryptolocker would delete itself, leaving all of your files encrypted

  • with no way of ever getting them back.

  • Ever.

  • And I mean, no way of getting them back.

  • In our cryptography episode, we talked about how much easier it is to encrypt something

  • than it is to decrypt it.

  • Without the decryption key, your files are gone.

  • On the...I guess you could call it theupside,” users who paid the ransom did actually get

  • their files back.

  • At least until other hackers started attacking the servers where Cryptolocker stored its

  • decryption keys.

  • After thatehhh, you are lucky if you got your key.

  • Cryptolocker was eventually neutralized by taking down the botnet it used to distribute itself.

  • But not before its creators made an estimated three million dollars in bitcoins from their victims.

  • Whoever they were, they were never found.

  • At this point, you might be thinking, “ well, It’s a good thing I use an antivirus program.”

  • Yeahabout that.

  • Our next piece of malware is Bakasoftware.

  • Although you might know it better as Antivirus XP 2008.

  • Or Spyware Protect 2009.

  • Or any of its many other names, all of which are meant to trick you into thinking it’s

  • a legitimate antivirus program.

  • Bakasoftware is what’s known as a Trojan Horse, a program that gets onto your computer

  • by making you believe it’s something harmless.

  • Or even something that’s supposed to protect you from viruses.

  • When you download Bakasoftwareor whatever it’s calling itself these daysit runs

  • a fake scan of your computer, which detects fake viruses.

  • Bakasoftware then tells you that in order to remove those viruses, you need to upgrade

  • to the full version of the program, for some reasonable-sounding figure like $39.95.

  • And itll keep popping up to tell you to upgrade every time you try to open a file,

  • open a program, open a folder, or switch between windows.

  • It can make your computer practically unusable.

  • And you cannot just uninstall it.

  • Bakasoftware spreads itself across potentially dozens of different places on your hard drive.

  • If you get infected by any of the heads of the Bakasoftware hydra, there are tools to

  • remove it, but it is a huge nightmare, and it doesn’t always work.

  • Bakasoftware is still operating today, and infecting thousands of new computers every month.

  • It seems like it shouldn’t be that hard to find out who’s running it.

  • I mean, you can pay them with your credit card, you don’t need bitcoins.

  • And we do pretty much know who’s running it.

  • The problem is that theyre in Russia

  • Bakasoftware doesn’t attack Russian users.

  • Russian cybercrime laws don’t apply unless a Russian citizen is affected.

  • The good news is that if your operating system is set to default to Russian language settings,

  • and if youre using a Cyrillic keyboard, Bakasoftware should leave you alone, as well!

  • The last virus on our list, you will not get from e-mail attachments.

  • You can’t get it from a botnet.

  • In fact, unless youre an Iranian nuclear scientist, youve got nothing to worry about.

  • I’m talking about Stuxnet: the first known digital weapon deployed by a nation for strategic purposes.

  • That nation...was the United States, along with allies in Israel.

  • Developed under the codename Olympic Games, Stuxnet was greenlit in 2006, under the Bush

  • administration, to slow Iranian nuclear development.

  • The goal was to develop a virus that could take out the centrifuges powering uranium

  • enrichment in the Natanz enrichment plant in Iran.

  • That virus was Stuxnet, which was deployed in 2009.

  • Stuxnet had to be carried into Natanz on thumb drives, either by double agents or unknowing accomplices.

  • Once the thumb drive was plugged in, Stuxnet would deposit itself on the target computer.

  • To avoid detection, it came with security certifications stolen from legitimate companies

  • like RealTek and JMicronTechnology, both based in Taiwan.

  • Once inside Natanz, Stuxnet infiltrated the computers used to calibrate the system that

  • controlled Stuxnets five thousand centrifuges.

  • Then it would do two things.

  • Stuxnet would order the rotors that drove the centrifuges to suddenly either speed up

  • or slow down.

  • The rotors would crack, and the centrifuges would break.

  • At the same time, Stuxnet would intercept the information that this was happening before

  • it reached the control centers where in Natanz’s nuclear technicians were watching.

  • Instead, Stuxnet sent them data that said that everything was fine.

  • So the Iranian scientists knew that centrifuges were failing all the time...but they did not

  • know why.

  • With the kind of equipment used at Natanz, you’d expect them to need to replace around

  • 800 centrifuges a year.

  • Instead, they were replacing up to two thousand centrifuges every couple of months.

  • In 2010, Stuxnet escaped Natanz on an Iranian engineer’s laptop, and started replicating

  • itself all over the internet.

  • So, suddenly, everyone knew about it, and wanted to figure out what it was.

  • A global investigation followed, as security specialists around the world did everything

  • they could to figure out how Stuxnet worked and who was behind it.

  • It took almost a year.

  • Stuxnet was, at the time, by far the most sophisticated piece of malware ever created.

  • So there are lots of different kinds of viruses, and lots of different ways they can do damage.

  • But you can avoid most of them, as long as you don’t open sketchy emails, download

  • weird files, or try to create a nuclear enrichment program

  • Don’t do that.

  • Yes, also you might want to use an antivirus program.

  • Just make sure it’s not actually a virus in disguise.

  • Thanks for watching this episode of SciShow, which was brought to you by our patrons on

  • Patreon, who makes SciShow and SciShow Space possible and now are deciding what channel

  • we should start next: SciShow Health, SciShow Life, or SciShow Psych.

  • If you want to support containts like this, and help us choose our new channel, go to

  • patreon.com/scishow.

  • Where were putting all of the money until the end of the year toward this new project, and

  • if you just want to keep getting smarter with us, you can of course go to youtube.com/scishow

  • and subscribe!

Computers are incredible.

Subtitles and vocabulary

Click the word to look it up Click the word to find further inforamtion about it