What is SPAM?

What is Spam?
Spam is in several ways not harmless. The least it does is taking away bandwidth from the internet users. By 2004 over 30% of all internet traffic is consumed up by spam.

Also consider that each e-mail cost in average the equivalent energy of 50 grams of coal, a lot of energy is wasted here. (quote from anonymous source) In this light it is un-understandable that there is done almost nothing against it.

And it gets worse and worse. Polluting one's mailbox and sometimes snow under messages you do want to receive. In volume spam can take up from 1 or 5 messages a day to almost 99% of you mail box. That of course is depending on how visible you are on the internet.

The original purpose of spam is selling or promoting an article. In the past several years Viagra, penis enlargers, libido enhancers, are the most popular items. Another list can be made of mortgage offerings, lending, offers to alleviate your loans or credit card burden. And lately spam offers nothing in particular but to visit some specific site mostly with content as the above.

It gets harder and harder to recognize spam because most messages appear to be quite normal with ordinary sender names and subjects. Even spam filters think the mail with a nonsensical (re: idiotic) contents are regular e-mail. But installing spam filters forces you to choose between speed over convenience. The tighter your screening is the more risk you have to filter out legitimate mail or slow down your email processing. The latter is the case with virus filtering. How most filters work can be abundantly found on the Internet.

How Spammers work
Many spammers can buy a database from companies with millions of valid email addresses and use them to advertise. These email addressees are composed of addresses used on newsgroups and chat rooms. Many companies have special software that can extract these addresses and put them into a database to sell. Many companies also search the web, looking for web addresses with the symbol @ at the end. From these, they can find valid email addresses. Many of these types of companies work outside countries with legislation against spamming in order to avoid lawsuits. According to Marshall Brain quoting "Detroit Free Press: Spam king lives large off others' e-mail troubles".

Typical spamming company often works like this:

The computers in Ralsky's basement control 190 e-mail servers -- 110 located in Southfield, 50 in Dallas and 30 more in Canada, China, Russia and India. Each computer, he said, is capable of sending out 650,000 messages every hour -- more than a billion a day -- routed through overseas Internet companies Ralsky said are eager to sell him bandwidth.

Many spammers can make up to $700 per hour by simply using lists of email addresses and applying them to their advertisement. As spam celebrates it's 25th year of operation, we must remember that spam takes up about 40% of all email messages sent on the web. How can we prevent this even further?

History of SPAM

The original term Spam was coined in 1937 by the Hormel corporation as a name for its potted meat product: a blend of spiced ham.

From there, the transition from meat product to internet term has a stop with Monty Python's Flying Circus.

In 1970, that BBC comedy show aired a sketch that featured a cafe that had a menu that featured items like "egg, bacon, and spam;" "egg, bacon, sausage, and spam;" " spam, bacon, sausage, and spam;" "spam, egg, spam, spam, bacon, and spam;" and finally "lobster thermidor aux crevettes with a mornay sauce garnished with truffle pate, brandy, and a fried egg on top and spam." To make matters sillier, the cafe was filled with Vikings who periodically break out into song praising Spam: "Spam, spam, spam, spam ... lovely spam, wonderful spam ..."

Computer people adopted the term from the Python sketch to mean overrunning a fixed-sized buffer with too much data, in other words the data was like the Spam in the sketch, something excessive and undesirable.

With the commercialization of the Internet, the term Spam expanded to include the unwanted commercial messages and that became the primary meaning.

There are two common alternative explanations that are certainly false.
The first is that it refers to a quality of the meat product such that when you throw it at a wall, most of it bounces off, but a little sticks--much like commercial spam, most of which is deleted but some is answered. While this is no more silly than the Monty Python explanation, it does not jibe with the original computer sense of overloading a buffer.
The second false explanation is that the computer spam is an acronym of some sort. Various phrases are suggested as the source, such as "stupid pointless annoying mail." All are obviously created after the fact.

The first commercial spam sent intentionally was that of a DEC representative to every Arpanet address on the west coast, or at least an attempt at that.
The sender is identified as Gary Thuerk, an aggressive DEC marketer who thought Arpanet users would find it cool that DEC had integrated Arpanet protocol support directly into the new DEC-20 and TOPS-20 OS.

February, Earliest known email chain letter (quickly stamped out)

Some other form of Spam probably began around 1989 or 1990 in MUD's (multi-user interactive environments) this is to refer to flooding the MUD, its chat or its database with stuff.

February, mass message: Craig Shergold wants cards

March 31 - Usenet administrator Richard Depew inadvertently posted the same message 200 times to a discussion group. this one was coined spam by Joel Furr, a Mudder. Adopting a term previously used in online text games, outraged Usenet users branded the excessive message posting "spam".

First Giant Spam

The first major USENET spam came on January 18 of 1994. Every single newsgroup found it it a religious screed declaring: Global Alert for All: Jesus is Coming Soon.

This one caused a ton of debate and controversy. The Andrews University sysadmin (Clarence Thomas) who sent it generated a flurry of complaints against his institution and some press, though reportedly he never got more than a mild punishment at the time. He did however eventually leave the University, but was also known to have done some more minor religious spams at later dates.

March 4 - Many companies are starting to use the net as a cheap way to advertise. Other companies are using the net to keep in touch with their clients and give support via the internet. Every year the Internet doubles in usage and users. Not all countries do have access to the net.
The Net approaches more or less the Super Information Highway as was meant by Vice President Al Gore and his advisors.

A well publicized case of net pollution, later this use of the internet will be called SPAM, is the case "Canter and Siegel", a law firm in the USA which used the net to advertise practically to all users of all active BBS's of the net. In their advertisement they tried to obtain customers for the application of a Green Card" (a permit for foreigners to stay in the USA). The reaction varied from flames to uncalled subscriptions on tens of magazines, meters of blank faxes and a program of a Norwegian programmer who developed the mechanism of Cancelbot. Cancelbot is a program which erases all e-mail of this firm on any computer before it can reach the user.

CancelMoose: An individual who wages a war against spam ming Anonymous individual who fires off the cancelbot. The CancelMoose (usually written as 'CancelMoose [TM]' on the Net) monitors newsgroups such as and for complaints about spamming (advertising), usually defined as messages posted to more than 25 newsgroups of widely varying content. The CancelMoose's identity is kept secret for reasons of personal safety.

December, The "good times" email virus hoax.

June,"spamware" (spamming software)

August, List of 2 million email addresses offered for sale

October, abuse@ addresses

November,"remove list" (the first (?) of many that were intended to be universal)

March, Spamblocks (e.g. REMOVE.TO.REPLY) added to addressees to foil spammers

March,"open relay", servers that can be used to send millions of mail anonymously, mostly the admin's of these servers are not aware of this misuse.

April, ISOC (Internet Society) meeting on spam. Organizations like ISOC are beginning to realize how serious a problem spam is becoming.

Nigerian scam spam started around this year. People received an e-mail containing text that promised you to make a quick million just by borrowing your checking account for transferring funds. Even the Nigerian government, annoyed as they were with this very negative publicity, started to check on the originators, opening a special e-mail address, created pages on their embassy sites, and tried to capture them.
In some cases people were even invited to Nigeria by the scammer's gang and got ransacked of every penney they had. Often these criminals left their victims half naked on the street after they had finished their scam. If they were lucky. One of the worst cases registered so far in scamming. Even Time magazine mentioned this Nigerian connection.

November, Taiwan (.tw) becomes the spam capital of the world.

The European Union outlaws spam. But the legeslation is easy to evade so that this ruling has almost no effect.

At least 2 billion spam messages are sent each day.

After a long and fruitless fight against the use of the word SPAM other than for their meat product Hormel came out with a declaration on July 14 and throws the towel in the ring. Therewith finalizing the Don Quixote like fight.

Below follows an extract on their defense as it is displayed on their site:

SPAM and the Internet

You've probably seen, heard or even used the term "spamming" to refer to the act of sending unsolicited commercial email (UCE), or "spam" to refer to the UCE itself. Following is our position on the relationship between UCE and our trademark SPAM.

Use of the term "spam" was adopted as a result of the Monty Python skit in which our SPAM meat product was featured. In this skit, a group of Vikings sang a chorus of "spam, spam, spam . . . " in an increasing crescendo, drowning out other conversation. Hence, the analogy applied because UCE was drowning out normal discourse on the Internet.

We do not object to use of this slang term to describe UCE, although we do object to the use of the word "spam" as a trademark and to the use of our product image in association with that term. Also, if the term is to be used, it should be used in all lower-case letters to distinguish it from our trademark SPAM, which should be used with all uppercase letters.

This slang term, which generically describes UCE, does not affect the strength of our trademark SPAM. In a Federal District Court case involving the famous trademark STAR WARS owned by LucasFilms, the Court ruled that the slang term used to refer to the Strategic Defense Initiative did not weaken the trademark and the Court refused to stop its use as a slang term. Other examples of famous trademarks having a different slang meaning include MICKEY MOUSE, to describe something as unsophisticated and CADILLAC, used to denote something as being high quality. It is only when someone attempts to trademark the word "spam" that we object to such use, in order to protect our rights in our famous trademark SPAM. We coined this term in 1937 and it has become a famous trademark. Thus, we don't appreciate it when someone else tries to make money on the goodwill that we created in our trademark or product image, or takes away from the unique and distinctive nature of our famous trademark SPAM. Let's face it. Today's teens and young adults are more computer savvy than ever, and the next generations will be even more so. Children will be exposed to the slang term "spam" to describe UCE well before being exposed to our famous product SPAM. Ultimately, we are trying to avoid the day when the consuming public asks, "Why would Hormel Foods name its product after junk e-mail?"

Position Statement on "Spamming"

We oppose the act of "spamming" or sending UCE. We have never engaged in this practice, although we have been victimized by it. If you have been one of those who has received UCE with a return address using our web site address of, it wasn't us. It's easy and commonplace for somebody sending UCE to simply adopt a fake header ID, which disguises the true source of the UCE and makes it appear that it is coming from someone else. If you have or do receive UCE with this header ID, please understand that it didn't come from us.

And of course Hormel is right. Their product is not, can not possibly be the same, as what we refer to as spam that is spread over the internet like a pestilence. "Spam is threatening the very existence of the internet as we know it today..." write some columnists. Future will show if they are right.

Definitely 35% of all e-mail consists of Spam

The CAN-SPAM Act goes into effect on Jan. 1. While the law does not prohibit unsolicited commercial email, it does require that unsolicited commercial email senders: - Ensure that the “FROM” line clearly reflects the sender’s identity - Include subject line text consistent with message content - Include the advertiser’s valid postal address - Contain a working opt-out mechanism as a way for the consumer to decline to receive further commercial email from the sender

Hypertouch, a California-based ISP, files the first civil lawsuit under CAN-SPAM against the owner of

On March 20, America Online, EarthLink, Microsoft and Yahoo! all file the first ISP lawsuits under the CAN-SPAM legislation.

Internet Engineering Task Force (IETF) creates a working group to examine Mail Transfer Agent (MTA) authentication, including examination of proposals for the domain name system (DNS) publication of data that allow validation of Internet Protocol (IP) address or envelope originator header data for SMTP MTAs.

March 28, A new form of spam gains momentum: Add Spam, or instant-messenger spam, is appearing on computer screens with increasing frequency. And the problem may get worse as e-mail marketers look for new ways to reach consumers as most governments start to prepare anti-spam laws.

This form of pollution manifests itself primarily for users of MSN. According to Radicati, a marketing research company, the number of spam messages rise from 400 million to 1,2 billion. The same source states that this is because of the increase of use in IM (instant messaging - a from of chatting.

In the first quarter of this year Spam is finally declared illegal by some governments and laws come into effect. Some are forbidding Spam completely (China) others let commercial interest prevail above the poisoning of the internet (USA, Holland) and any variation in between. Anti Spam movements are not happy to say the least. But the day that Spam was declared illegal in the USA the amount of spam dropped dramatically. For a few days.

 Michigan conducts the first criminal prosecution under the CAN-SPAM Act, issuing arrest warrants for four men charged with sending out hundreds of thousands of fraudulent, unsolicited commercial email messages advertising a weight-loss product.

 As if the flow of spam isn't problematic enough, here comes another wave. Spammers Get Ready For April Fool's Day Barracuda Networks, a maker of spam fire walls, says E-mail users should prepare for a spike in spam activity leading up to April Fool's Day. Spammers are expected to use subject lines such as "great joke," "free jokes," "prank," or "April fools" to entice users into opening attachments that carry viruses or objectionable content, potentially putting company networks at risk. Spammers increasingly have used holidays such as Christmas or Valentine's Day to take advantage of consumers looking to get good deals on holiday-related purchases. But in the absence of a commercial hook for April Fool's Day, they're likely to use the appeal of jokes to deliver malicious content. Barracuda warns that bogus April Fool's messages may come in large-enough quantities to flood company networks that don't have up-to-date spam and virus filters.

Just another wave of panic caused by the commercial guys that was uncalled for. The wave did not materialize.

 Federal Trade Commission (FTC) issues a ruling requiring all unsolicited email with sexually oriented content to bear the label “SEXUALLY-EXPLICIT:” in the subject line.

 Only one in six emails complies with the FTC “SEXUALLY-EXPLICIT” label.

 FTC issues “National Do Not Email Registry: A Report to Congress” on the feasibility of creating a Do Not Email registry. Among the report’s conclusions are that a registry would be nearly impossible to implement today and could create a target for spammers. The report calls for a summit on email authentication.

In June the UN organization International Telecommunications Union (ITU) let us believe that Spam can be controlled within 2 years IF governments and other authorities and software companies cooperate in legislation en anti spam software to tame the spamming. Millions op people will shy away from the internet when this does not happen so the ITU states. ITU has estimated the costs worldwide of spam on 25 billion dollar per year. But it is estimated that the actual costs of cleaning spam: rebooting computers and peripherals, productivity loss etcetera, is costing the community four times as much. But, the ITU states, it will only succeed when all concerned work together.

(editors comment: In that case two years is very optimistic I have not seen any government make a decision so fast. Let alone that software companies and governments will start working together where there has been such an alienation between the two sections the past decades. Now, if it comes, it does from the (international) Open Source community. Since they are generally so fed up with spam there must be a group effort underway)

June - That something can be done against excessive spam is proven by Australia. A stringent law is now effective. Banning all mail for pornography, adds for erection pills etc. that are taking care for over 75% of all email world wide. Companies that send spam are fined for 1.1 million Australian Dollars (670,000 EUR /820,000 USD) each day they continue to do so. And in Australia this is taking effect, almost all spam has disappeared. Unwanted e-mail is costing companies billions a year now.

MX Logic reports that CAN-SPAM compliance reaches a low of 0.54 percent, while 84 percent of all email traffic through the MX Logic Threat Center is spam.

As part of Operation Web Snare, the U.S. Attorney’s office in Los Angeles announces it filed charges against Nicholas Tombros for sending unsolicited email advertising pornographic Web sites from his laptop computer while driving through Venice, Calif., and using unsecured wireless access points to disseminate spam.

Nicholas Tombros, the “wireless spammer,” becomes the first person convicted under the CAN-SPAM Act.

October - Judge Orders Spam King To disable spyware programs
A federal judge has ordered Stanford Wallace, known as the Spam King, to disable so-called spyware programs that infiltrate people's computers, track their Internet use and flood them with pop-up advertising. United States District Judge Joseph DiClerico issued a temporary restraining order Thursday against Stanford Wallace and his companies, Inc. of Richboro, Pa., and Seismic Entertainment Productions Inc. of Rochester. SmartBot's principal place of business is Barrington. Prosecutors sought the injunction on behalf of the Federal Trade Commission, which targeted Wallace in its first anti-spyware action.

Jeremy Jaynes, considered one of the top 10 spammers in the world, is sentenced to nine years in prison under Virginia’s anti-spam law for sending millions of spam messages to America Online customers.

A Maryland (USA) judge overturns the state’s anti-spam law (2002 Commercial Electronic Mail Act), ruling that it interferes with interstate commerce.

In the largest judgment against a spammer to date, a federal judge in Iowa orders three companies to pay an ISP $1 billion in damages.

The US one year old CAN-SPAM laws intended to curb Spam have had very little impact; thus stated by an anti Spam software company MX Logic. This company estimates that 77% of all e-mail is Spam while CAN-SPAM compliance hits an all-time high of 7 percent.
Feedback by users of America Online show that 2003's favorite subject Oprah Winfrey, teens and Viagra, were overtaken this year by ID theft scams, mortgage deals and substitutes for a withdrawn anti arthritis painkiller called Vioxx.

1 Jan - Governor Arnold Schwarzenegger legislated a new law against spyware effective per 1 Jan 2005. Though the USA Congress debated on four law proposals California is them one step ahead.

The Consumer Protection Against Spyware Act forbids installation of software that (partly) takes over control of your computer. Companies (and web sites) exploiting such software are now ordered to publish the fact if their software installs spyware. Citizens that are affected with spyware on their computer can now claim a 1000 US Dollar damage from the company that installed the spyware. Though receiving the money will be difficult however the companies are known the owners or people behind it stay in the murk. And the wording of this act is such that it will be hard to prosecute the perpetrator.

Spam is changing its features once again. From complete and often well designed html pages via your mail or pop-ups spammers are now changing their messages to short email texts (again) in order to evade spam detecting software. Or at least they hope to have spread the message millions of times before a spam filter can be adapted.

12 May - Judge Tom Reilly in Massachusetts, USA has ordered several sites to go off-line. The sites were connected to a gang of spammers. Seven suspects and 2 companies are charged with spamming, main suspect is Leo Kuvayev, and 2K Services en Ecash Pay. The spammers were rounded up with help from Microsoft by creating some hundred thousand Hotmail accounts. Within 3 weeks 45.000 spam mails were received that were allegedly originating from the spam gang.

August, Spam still rules the waves. Here is an illustration from Sophos, an antispam software manufacturer, reporting on the first half of 2005.

August, a new trend in cloaking spam surfaces.

Do you remember those funny programs that generated random text as were it prose? Most of it was gibberish, some output had something. Well, spammers seem to have rediscovered this text generation tools to cloak their spam. Though most are nonsensical some are even readable and others even read like a spy message!

Here are some readings, enjoy:

"Got engine safe planet, language large. Always young, early. Done common final has time. Answer list break once warm whether. By, fish river, half, farm. String, made strange rail. Way nation has mouth five she was. Hour able, ready. If children, one moon. Season grass, shine shape, young arm, just. Dog in, divide sound quiet little off. Select, see decide there. Able grass, group set seem fruit. Break so, was, try head."

"Went real, flow. Both carry control book, to, certain floor. Map sound just die train once. Box now dance. Class start part short, from, wash. Stone moment, colony, mark problem ride, let. Born at our suit other. Though answer wall. Took oil engine room. Felt, friend time was. Letter, bright figure. Need gun point life, gave century too. Stop jump sleep village where card. Wire country money here fire locate. Joy twenty man, play save, subtract example."

"Oh, did you buy the hotel; you promised a million … sure. Get out! I wish I knew. Please make it quick; fast and furious; please … fast and furious. Please help me get out; I'm getting my wind back, thank God! Please, please; Oh, please. You will have to, please … tell him, 'You got no case.' You get ahead with the dot and dash system. Didn't I speak that time last night. Whose number is that in your pocketbook, Phil? 13780. Who was it? Oh! … Please, please … Reserve decision, police, police; Henny and Frankie … Oh, Oh, dog Biscuit, and when he is happy he doesn't get snappy … Please, please do this! Henny, Henny, Frankie! You didn't meet him; you didn't even meet me; the glove will fit what I say … Oh, kayiyi, kayiyi! Sure, who cares? When are you through! How do you know this? Well, then … Oh, Cocoa; no … thinks he is a grandpa again and he is jumping around. No, Hoboe and Poboe I think I mean the same thing….

"Police, Mamma! Helen, mother, please take me out. Come on, Rosie. O.K. Hymes would not do it; not him. I will settle … the indictment. Come on, Max, open the soap duckets. Frankie, please come here. Open that door, Dumpey's door. It is so much, Abe, that … with the brewery. come on. Hey, Jimmie! The Chimney Sweeps. Talk to the Sword. Shut up, you got a big mouth! please come help me up, Henny. Max come over here … French Canadian bean soup … I want to pay, let them leave me alone."

And they are just trying to sell pills, drugs and loans or other items!

Though the European Union outlawed spam 2002, most EU-countries do little to fight this nuisance says Reding. „I will review the subject next year to see if additional legislation is needed against Spam". According to internet security advisors spam has increased since last year from 54 to 85 percent from all email. In 2001 it was just 7 percent. While most internetters just see spam as a nuisance, Brussels thinks Spam originates increasingly from criminals. The latter's install unsolicited software on your computer to extort personal or secret information.

The EU asks internet companies to install more filters against Spam. At the same time Brussels officials engage in tougher discussions with countries where this Spam seem tot originate from.

Most spam (21 percent) originates form the USA, research from IT- security firm Sophos points out, (July - Sept.) China is second best with 13 percent, followed by France and South Korea with over 6%.

Web Browser Use Through the Years

History of the Web Browser

History of Search Engines

Search Terms 2004 - 2011









Internet Speed: 1879-2011

Cat 1 - 1876

Used for POTS (Plain Old Telephone System), this is your standard phone line. On June 3, 1880, Bell conducted the world's first wireless telephone transmission between two buildings, some 213 meters apart.

Cat 2 - Mid 70's
Used primarily for token ring networks.

Cat 3
100 pair cabling used for Ethernet 10Base-T


Cat 5/Cat 5e
Cat 5 is for use with Ethernet 100Base-TX and is rated at 100Mbps.
Cat5e is for use with Ethernet 1000Base-T and is rated at 1,000Mbps

Cat 6
Has a higher frequency of 250Mhz compared to Cat 5e's 100Mhz

Cat 7
Not widely accepted yet, this standard runs at 10 to 100Gbps

Fiber Optic - 2011
Fiber optics were made by creating the optical signal involving the use of a transmitter, relaying the signal along the fiber, ensuring that the signal does not become too distorted or weak, receiving the optical signal, and converting it into an electrical signal. On 22 April 1977, General Telephone and Electronics sent the first live telephone traffic through fiber optics at a 6 Mbit/s throughput in Long Beach, California.

As of April 29th 2011, researchers were able to reach speeds of 100Tbps. That is the equivalent of sending 3 months of HD video in one second! With dial-up internet (the first few Cat cables) it would take 49 minutes and 55 seconds just to download a 20MB file. For 3 months worth of HD video to be downloaded on a 56k dial-up connection we estimate that it would take about 24 years and double that if you have a 28.8K modem. The internet has come a LONG way in a very short amount of time. The convenience we have now in 2011 is worth being thankful for. I don't know if I can ever complain about a 'slow download' ever again.

Access to Internet as a Right

2003: World Summit on the Information Society
In December 2003 the World Summit on the Information Society (WSIS) was convened under the auspice of the United Nations. After lengthy negotiations between governments, businesses and civil society representatives the WSIS Declaration of Principles was adopted reaffirming the importance of the Information Society to maintaining and strengthening human rights. We, the representatives of the peoples of the world, assembled in Geneva from 10–12 December 2003 for the first phase of the World Summit on the Information Society, declare our common desire and commitment to build a people-centred, inclusive and development-oriented Information Society, where everyone can create, access, utilize and share information and knowledge, enabling individuals, communities and peoples to achieve their full potential in promoting their sustainable development and improving their quality of life, premised on the purposes and principles of the Charter of the United Nations and respecting fully and upholding the Universal Declaration of Human Rights.3. We reaffirm the universality, indivisibility, interdependence and interrelation of all human rights and fundamental freedoms, including the right to development, as enshrined in the Vienna Declaration. We also reaffirm that democracy, sustainable development, and respect for human rights and fundamental freedoms as well as good governance at all levels are interdependent and mutually reinforcing. We further resolve to strengthen the rule of law in international as in national affairs.

The WSIS Declaration of Principles makes specific reference to the importance of the right to freedom of expression in the "Information Society" in stating:4. We reaffirm, as an essential foundation of the Information Society, and as outlined in Article 19 of the Universal Declaration of Human Rights, that everyone has the right to freedom of opinion and expression; that this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers. Communication is a fundamental social process, a basic human need and the foundation of all social organization. It is central to the Information Society. Everyone, everywhere should have the opportunity to participate and no one should be excluded from the benefits of the Information Society offers."

2009-2010: BBC World Service poll
A poll of 27,973 adults in 26 countries, including 14,306 Internet users, conducted for the BBC World Service between 30 November 2009 and 7 February 2010 found that almost four in five Internet users and non-users around the world felt that access to the Internet was a fundamental right. 50% strongly agreed, 29% somewhat agreed, 9% somewhat disagreed, 6% strongly disagreed, and 6% gave no opinion.

2011: UN Special Rapporteur report
In May 2011 the United Nations Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, Frank La Rue, submitted a report to the UN Human Rights Council "exploring key trends and challenges to the right of all individuals to seek, receive and impart information and ideas of all kinds through the Internet." The report made 88 recommendations on the promotion and protection of the right to freedom of expression online, including several to secure access to the Internet for all. Other recommendations call on states to respect online anonymity, adopt privacy and data protection laws, and to decriminalize defamation.
Unlike any other medium, the Internet enables individuals to seek, receive and impart information and ideas of all kinds instantaneously and inexpensively across national borders. By vastly expanding the capacity of individuals to enjoy their right to freedom of opinion and expression, which is an “enabler” of other human rights, the Internet boosts economic, social and political development, and contributes to the progress of humankind as a whole. In this regard, the Special Rapporteur encourages other Special Procedures mandate holders to engage on the issue of the Internet with respect to their particular mandates.
78. While blocking and filtering measures deny users access to specific content on the Internet, States have also taken measures to cut off access to the Internet entirely. The Special Rapporteur considers cutting off users from Internet access, regardless of the justification provided, including on the grounds of violating intellectual property rights law, to be disproportionate and thus a violation of article 19, paragraph 3, of the International Covenant on Civil and Political Rights.
79. The Special Rapporteur calls upon all States to ensure that Internet access is maintained at all times, including during times of political unrest.
85. Given that the Internet has become an indispensable tool for realizing a range of human rights, combating inequality, and accelerating development and human progress, ensuring universal access to the Internet should be a priority for all States. Each State should thus develop a concrete and effective policy, in consultation with individuals from all sections of society, including the private sector and relevant Government ministries, to make the Internet widely available, accessible and affordable to all segments of population.

Media coverage of the report suggested that La Rue had declared Internet access itself a human right by emphasising that “the Internet has become a key means by which individuals can exercise their right to freedom and expression.” In his report La Rue stressed that “There should be as little restriction as possible to the flow of information via the Internet, except in a few, very exceptional, and limited circumstances prescribed by international human rights law.” La Rue also emphasised that "any restriction must be clearly provided by law, and proven to be necessary and the least intrusive means available for the purpose of protecting the rights of others."

History of Internet Delivery (Technologies)

Local Area Networks
Local area networks (LANs) provide Internet access to computers and other devices in a limited area such as a home, school, computer laboratory, or office building, usually at relatively high data rates that typically range from 10 to 1000 Mbit/s. There are wired and wireless LANs. Ethernetover twisted pair cabling and Wi-Fi are the two most common technologies used to build LANs today, but ARCNET, Token Ring, Localtalk, FDDI, and other technologies were used in the past.

Most Internet access today is through a LAN, often a very small LAN with just one or two devices attached. And while LANs are an important form of Internet access, this begs the question of how and at what data rate the LAN itself is connected to the rest of the global Internet. The technologies described below are used to make these connections.

Dial-up access
Typical noises of a dial-up modem while establishing connection with a local ISP in order to get access to the Internet.
Problems listening to this file? See media help.

Dial-up access uses a modem and a phone call placed over the public switched telephone network (PSTN) to connect to a pool of modems operated by an ISP. The modem converts a computer's digital signal into an analog signal that travels over a phone line's local loop until it reaches a telephone company's switching facilities or central office (CO) where it is switched to another phone line that connects to another modem at the remote end of the connection.

Operating on a single channel, a dial-up connection monopolizes the phone line and is one of the slowest methods of accessing the Internet. Dial-up is often the only form of Internet access available in rural areas as it requires no new infrastructure beyond the already existing telephone network, to connect to the Internet. Typically, dial-up connections do not exceed a speed of 56 kbit/s, as they are primarily made using modems that operate at a maximum data rate of 56 kbit/s downstream (towards the end user) and 34 or 48 kbit/s upstream (toward the global Internet).
Broadband access
The term broadband includes a broad range of technologies, all of which provide higher data rate access to the Internet. These technologies use wires or fiber optic cables in contrast to wireless broadband described later.

Multilink dial-up
Multilink dial-up provides increased bandwidth by bonding two or more dial-up connections together and treating them as a single data channel. It requires two or more modems, phone lines, and dial-up accounts, as well as an ISP that supports multilinking - and of course any line and data charges are also doubled. This inverse multiplexing option was briefly popular with some high-end users before ISDN, DSL and other technologies became available. Diamond and other vendors created special modems to support multilinking.

Integrated Services Digital Network (ISDN)
Integrated Services Digital Network (ISDN), a switched telephone service capable of transporting voice and digital data, is one of the oldest Internet access methods. ISDN has been used for voice, video conferencing, and broadband data applications. ISDN was very popular in Europe, but less common in North America. Its use peaked in the late 1990s before the availability of DSL and cable modem technologies.

Basic rate ISDN, known as ISDN-BRI, has two 64 kbit/s "bearer" or "B" channels. These channels can be used separately for voice or data calls or bonded together to provide a 128 kbit/s service. Multiple ISDN-BRI lines can be bonded together to provide data rates above 128 kbit/s. Primary rate ISDN, known as ISDN-PRI, has 23 bearer channels (64 kbit/s each) for a combined data rate of 1.5 Mbit/s (US standard). An ISDN E1 (European standard) line has 30 bearer channels and a combined data rate of 1.9 Mbit/s.

Leased lines
Leased lines are dedicated lines used primarily by ISPs, business, and other large enterprises to connect LANs and campus networks to the Internet using the existing infrastructure of the public telephone network or other providers. Delivered using wire, optical fiber, and radio, leased lines are used to provide Internet access directly as well as the building blocks from which several other forms of Internet access are created.

T-carrier technology dates to 1957 and provides data rates that range from 56 and 64 kbit/s (DS0) to 1.5 Mbit/s (DS1 or T1), to 45 Mbit/s (DS3 or T3). A T1 line carries 24 voice or data channels (24 DS0s), so customers may use some channels for data and others for voice traffic or use all 24 channels for clear channel data. A DS3 (T3) line carries 28 DS1 (T1) channels. Fractional T1 lines are also available in multiples of a DS0 to provide data rates between 56 and 1,500 kbit/s. T-carrier lines require special termination equipment that may be separate from or integrated into a router or switch and which may be purchased or leased from an ISP. In Japan the equivalent standard is J1/J3. In Europe, a slightly different standard, E-carrier, provides 32 user channels (64 kbit/s) on an E1 (2.0 Mbit/s) and 512 user channels or 16 E1s on an E3 (34.4 Mbit/s).

Synchronous Optical Networking (SONET, in the U.S. and Canada) and Synchronous Digital Hierarchy (SDH, in the rest of the world) are the standard multiplexing protocols used to carry high data rate digital bit streams over optical fiber using lasers or highly coherent light from light-emitting diodes (LEDs). At lower transmission rates data can also be transferred via an electrical interface. The basic unit of framing is an OC-3c (optical) or STS-3c (electrical) which carries 155.520 Mbit/s. Thus an OC-3c will carry three OC-1 (51.84 Mbit/s) payloads each of which has enough capacity to include a full DS3. Higher data rates are delivered in OC-3c multiples of four providing OC-12c (622.080 Mbit/s), OC-48c (2.488 Gbit/s), OC-192c (9.953 Gbit/s), and OC-768c (39.813 Gbit/s). The "c" at the end of the OC labels stands for "concatenated" and indicates a single data stream rather than several multiplexed data streams.

The 1, 10, 40, and 100 Gigabit Ethernet (GbE, 10GbE, 40GbE, and 100GbE) IEEE standards (802.3) allow digital data to be delivered over copper wiring at distances to 100 m and over optical fiber at distances to 40 km.
Cable Internet access
Cable Internet or cable modem access provides Internet access via Hybrid Fiber Coaxial wiring originally developed to carry television signals. Either fiber-optic or coaxial copper cable may connect a node to a customer's location at a connection known as a cable drop. In a cable modem termination system, all nodes for cable subscribers in a neighborhood connect to a cable company's central office, known as the "head end." The cable company then connects to the Internet using a variety of means – usually fiber optic cable or digital satellite and microwave transmissions. Like DSL, broadband cable provides a continuous connection with an ISP.

Downstream, the direction toward the user, bit rates can be as much as 400 Mbit/s for business connections, and 100 Mbit/s for residential service in some countries. Upstream traffic, originating at the user, ranges from 384 kbit/s to more than 20 Mbit/s. Broadband cable access tends to service fewer business customers because existing television cable networks tend to service residential buildings and commercial buildings do not always include wiring for coaxial cable networks. In addition, because broadband cable subscribers share the same local line, communications may be intercepted by neighboring subscribers. Cable networks regularly provide encryption schemes for data traveling to and from customers, but these schemes may be thwarted.

Digital subscriber line (DSL, ADSL, SDSL, and VDSL)
Digital Subscriber Line (DSL) service provides a connection to the Internet through the telephone network. Unlike dial-up, DSL can operate using a single phone line without preventing normal use of the telephone line for voice phone calls. DSL uses the high frequencies, while the low (audible) frequencies of the line are left free for regular telephone communication. These frequency bands are subsequently separated by filters installed at the customer's premises.

DSL originally stood for "digital subscriber loop". In telecommunications marketing, the term digital subscriber line is widely understood to mean Asymmetric Digital Subscriber Line (ADSL), the most commonly installed variety of DSL. The data throughput of consumer DSL services typically ranges from 256 kbit/s to 20 Mbit/s in the direction to the customer (downstream), depending on DSL technology, line conditions, and service-level implementation. In ADSL, the data throughput in the upstream direction, (i.e. in the direction to the service provider) is lower than that in the downstream direction (i.e. to the customer), hence the designation of asymmetric. With a symmetric digital subscriber line (SDSL), the downstream and upstream data rates are equal.

Very-high-bit-rate digital subscriber line (VDSL or VHDSL, ITU G.993.1) is a digital subscriber line (DSL) standard approved in 2001 that provides data rates up to 52 Mbit/s downstream and 16 Mbit/s upstream over copper wires and up to 85 Mbit/s down- and upstream on coaxial cable. VDSL is capable of supporting applications such as high-definition television, as well as telephone services (voice over IP) and general Internet access, over a single physical connection.

VDSL2 (ITU-T G.993.2) is a second-generation version and an enhancement of VDSL. Approved in February 2006, it is able to provide data rates exceeding 100 Mbit/s simultaneously in both the upstream and downstream directions. However, the maximum data rate is achieved at a range of about 300 meters and performance degrades as distance and loop attenuation increases.

DSL Rings
DSL Rings (DSLR) or Bonded DSL Rings is a ring topology that uses DSL technology over existing copper telephone wires to provide data rates of up to 400 Mbit/s.

Fiber to the home
Fiber-to-the-home (FTTH) is one member of the Fiber-to-the-x (FTTx) family that includes Fiber-to-the-building or basement (FTTB), Fiber-to-the-premises (FTTP), Fiber-to-the-desk (FTTD), Fiber-to-the-curb (FTTC), and Fiber-to-the-node (FTTN). These methods all bring data closer to the end user on optical fibers. The differences between the methods have mostly to do with just how close to the end user the delivery on fiber comes. All of these delivery methods are similar to hybrid fiber-coaxial (HFC) systems used to provide cable Internet access.

The use of optical fiber offers much higher data rates over relatively longer distances. Most high-capacity Internet and cable television backbones already use fiber optic technology, with data switched to other technologies (DSL, cable, POTS) for final delivery to customers.

Australia has already begun rolling out its National Broadband Network across the country using fiber-optic cables to 93 percent of Australian homes, schools, and businesses. Similar efforts are underway in Italy, Canada, India, and many other countries (see Fiber to the premises by country).

Power-line Internet
Power-line Internet, also known as Broadband over power lines (BPL), carries Internet data on a conductor that is also used for electric power transmission. Because of the extensive power line infrastructure already in place, this technology can provide people in rural and low population areas access the Internet with little cost in terms of new transmission equipment, cables, or wires. Data rates are asymmetric and generally range from 256 kbit/s to 2.7 Mbit/s.
Because these systems use parts of the radio spectrum allocated to other over-the-air communication services, interference between the services is a limiting factor in the introduction of power-line Internet systems. The IEEE P1901 standard specifies that all powerline protocols must detect existing usage and avoid interfering with it.

Power-line Internet has developed faster in Europe than in the U.S. due to a historical difference in power system design philosophies. Data signals cannot pass through the step-down transformers used and so a repeater must be installed on each transformer. In the U.S. a transformer serves a small clusters of from one to a few houses. In Europe, it is more common for a somewhat larger transformer to service larger clusters of from 10 to 100 houses. Thus a typical U.S. city requires an order of magnitude more repeaters than in a comparable European city.

ATM and Frame Relay
Asynchronous Transfer Mode (ATM) and Frame Relay are wide area networking standards that can be used to provide Internet access directly or as building blocks of other access technologies. For example many DSL implementations use an ATM layer over the low-level bitstream layer to enable a number of different technologies over the same link. Customer LANs are typically connected to an ATM switch or a Frame Relay node using leased lines at a wide range of data rates.

While still widely used, with the advent of Ethernet over optical fiber, MPLS, VPNs and broadband services such as cable modem and DSL, ATM and Frame Relay no longer play the prominent role they once did.

World and City Internet Speed

Internet Usage Statistics 2011

History of Internet Speed and Usage

The State of the Internet

The Internet in Numbers: 2011

3.146 billion – Number of email accounts worldwide.
27.6% – Microsoft Outlook was the most popular email client.
19% – Percentage of spam emails delivered to corporate email inboxes despite spam filters.
112 – Number of emails sent and received per day by the average corporate user.
71% – Percentage of worldwide email traffic that was spam (November 2011).
360 million – Total number of Hotmail users (largest email service in the world).
$44.25 – The estimated return on $1 invested in email marketing in 2011.
40 – Years since the first email was sent, in 1971.
0.39% – Percentage of email that was malicious (November 2011).

555 million – Number of websites (December 2011).
300 million – Added websites in 2011.

Web servers
239.1% – Growth in the number of Apache websites in 2011.
68.7% – Growth in the number of IIS websites in 2011.
34.4% – Growth in the number of NGINX websites in 2011.
80.9% – Growth in the number of Google websites in 2011.

Domain names
95.5 million – Number of .com domain names at the end of 2011.
13.8 million – Number of .net domain names at the end of 2011.
9.3 million – Number of .org domains names at the end of 2011.
7.6 million – Number of .info domain names at the end of 2011.
2.1 million – Number of .biz domain names at the end of 2011.
220 million – Number of registered domain names (Q3, 2011).
86.9 million – Number of country code top-level domains (.CN, .UK, .DE, etc.) (Q3, 2011).
324 – Number of top-level domains.
28% – Market share for BIND, the number one DNS server type.
$2.6 million – The price for, the most expensive domain name sold in 2011.
Internet users
2.1 billion – Internet users worldwide.
922.2 million – Internet users in Asia.
476.2 million – Internet users in Europe.
271.1 million – Internet users in North America.
215.9 million – Internet users in Latin America / Caribbean.
118.6 million – Internet users in Africa.
68.6 million – Internet users in the Middle East.
21.3 million – Internet users in Oceania / Australia.
45% – Share of Internet users under the age of 25.
485 million – Number of Internet users in China, more than any other country in the world.
36.3% – Internet penetration in China.
591 million – Number of fixed (wired) broadband subscriptions worldwide.

Social media

800+ million – Number of users on Facebook by the end of 2011.
200 million – Number of users added to Facebook during 2011.
350 million – Number of Facebook users that log in to the service using their mobile phone.
225 million – Number of Twitter accounts.
100 million – Number of active Twitter users in 2011.
18.1 million – People following Lady Gaga. Twitter’s most popular user.
250 million – Number of tweets per day (October 2011).
1 – #egypt was the number one hashtag on Twitter.
8,868 – Number of tweets per second in August for the MTV Video Music Awards.
$50,000 – The amount raised for charity by the most retweeted tweet of 2011.
39 million – The number of Tumblr blogs by the end of 2011.
70 million – Total number of WordPress blogs by the end of 2011.
1 billion – The number of messages sent with WhatsApp during one day (October 2011).
2.6 billion – Worldwide IM accounts.
2.4 billion – Social networking accounts worldwide.

1.2 billion – The number of active mobile broadband subscriptions worldwide in 2011.
5.9 billion – The estimated number of mobile subscriptions worldwide in 2011.
85% – Percentage of handsets shipped globally in 2011 that included a web browser.
88% – Apple iPad’s share of global tablet web traffic in December

1 trillion – The number of video playbacks on YouTube.
140 – The number of YouTube video playbacks per person on Earth.
48 hours – The amount of video uploaded to YouTube every minute.
1 – The most viewed video on YouTube during 2011 was Rebecka Black’s “Friday.”
82.5% – Percentage of the U.S. Internet audience that viewed video online.
76.4% – YouTube’s share of the U.S. video website market (December 2011).
4,189,214 – Number of new users on Vimeo.
201.4 billion – Number of videos viewed online per month (October 2011).
88.3 billion – Videos viewed per month on Google sites, incl. YouTube (October 2011).
43% – Share of all worldwide video views delivered by Google sites, incl. YouTube.

14 million – Number of Instagram accounts created during 2011.
60 – The average number of photos uploaded per second to Instagram.
100 billion – Estimated number of photos on Facebook by mid-2011.
51 million – Total number of registered users on Flickr.
4.5 million – Number of photos uploaded to Flickr each day.
6 billion – Photos hosted on Flickr (August 2011).
1 – Apple iPhone 4 is the most popular camera on Flickr.

The Internet in Number: 2010

107 trillion – The number of emails sent on the Internet in 2010.
294 billion – Average number of email messages per day.
1.88 billion – The number of email users worldwide.
480 million – New email users since the year before.
89.1% – The share of emails that were spam.
262 billion – The number of spam emails per day (assuming 89% are spam).
2.9 billion – The number of email accounts worldwide.
25% – Share of email accounts that are corporate.

255 million – The number of websites as of December 2010.
21.4 million – Added websites in 2010.

Web servers
39.1% – Growth in the number of Apache websites in 2010.
15.3% – Growth in the number of IIS websites in 2010.
4.1% – Growth in the number of nginx websites in 2010.
5.8% – Growth in the number of Google GWS websites in 2010.
55.7% – Growth in the number of Lighttpd websites in 2010.

Domain names
88.8 million – .COM domain names at the end of 2010.
13.2 million – .NET domain names at the end of 2010.
8.6 million – .ORG domain names at the end of 2010.
79.2 million – The number of country code top-level domains (e.g. .CN, .UK, .DE, etc.).
202 million – The number of domain names across all top-level domains (October 2010).
7% – The increase in domain names since the year before.

Internet users
1.97 billion – Internet users worldwide (June 2010).
14% – Increase in Internet users since the previous year.
825.1 million – Internet users in Asia.
475.1 million – Internet users in Europe.
266.2 million – Internet users in North America.
204.7 million – Internet users in Latin America / Caribbean.
110.9 million – Internet users in Africa.
63.2 million – Internet users in the Middle East.
21.3 million – Internet users in Oceania / Australia.

Social media
152 million – The number of blogs on the Internet (as tracked by BlogPulse).
25 billion – Number of sent tweets on Twitter in 2010
100 million – New accounts added on Twitter in 2010
175 million – People on Twitter as of September 2010
7.7 million – People following @ladygaga (Lady Gaga, Twitter’s most followed user).
600 million – People on Facebook at the end of 2010.
250 million – New people on Facebook in 2010.
30 billion – Pieces of content (links, notes, photos, etc.) shared on Facebook per month.
70% – Share of Facebook’s user base located outside the United States.
20 million – The number of Facebook apps installed each day.

2 billion – The number of videos watched per day on YouTube.
35 – Hours of video uploaded to YouTube every minute.
186 – The number of online videos the average Internet user watches in a month (USA).
84% – Share of Internet users that view videos online (USA).
14% – Share of Internet users that have uploaded videos online (USA).
2+ billion – The number of videos watched per month on Facebook.
20 million – Videos uploaded to Facebook per month.

5 billion – Photos hosted by Flickr (September 2010).
3000+ – Photos uploaded per minute to Flickr.
130 million – At the above rate, the number of photos uploaded per month to Flickr.
3+ billion – Photos uploaded per month to Facebook.
36 billion – At the current rate, the number of photos uploaded to Facebook per year.

The Internet in Numbers: 2009

90 trillion – The number of emails sent on the Internet in 2009.
247 billion – Average number of email messages per day.
1.4 billion – The number of email users worldwide.
100 million – New email users since the year before.
81% – The percentage of emails that were spam.
92% – Peak spam levels late in the year.
24% – Increase in spam since last year.
200 billion – The number of spam emails per day (assuming 81% are spam).

234 million – The number of websites as of December 2009.
47 million – Added websites in 2009.

Web servers
13.9% – The growth of Apache websites in 2009.
-22.1% – The growth of IIS websites in 2009.
35.0% – The growth of Google GFE websites in 2009.
384.4% – The growth of Nginx websites in 2009.
-72.4% – The growth of Lighttpd websites in 2009.

Domain names
81.8 million – .COM domain names at the end of 2009.
12.3 million – .NET domain names at the end of 2009.
7.8 million – .ORG domain names at the end of 2009.
76.3 million – The number of country code top-level domains (e.g. .CN, .UK, .DE, etc.).
187 million – The number of domain names across all top-level domains (October 2009).
8% – The increase in domain names since the year before.

Internet users
1.73 billion – Internet users worldwide (September 2009).
18% – Increase in Internet users since the previous year.
738,257,230 – Internet users in Asia.
418,029,796 – Internet users in Europe.
252,908,000 – Internet users in North America.
179,031,479 – Internet users in Latin America / Caribbean.
67,371,700 – Internet users in Africa.
57,425,046 – Internet users in the Middle East.
20,970,490 – Internet users in Oceania / Australia.

Social media
126 million – The number of blogs on the Internet (as tracked by BlogPulse).
84% – Percent of social network sites with more women than men.
27.3 million – Number of tweets on Twitter per day (November, 2009)
57% – Percentage of Twitter’s user base located in the United States.
4.25 million – People following @aplusk (Ashton Kutcher, Twitter’s most followed user).
350 million – People on Facebook.
50% – Percentage of Facebook users that log in every day.
500,000 – The number of active Facebook applications.

4 billion – Photos hosted by Flickr (October 2009).
2.5 billion – Photos uploaded each month to Facebook.
30 billion – At the current rate, the number of photos uploaded to Facebook per year.

1 billion – The total number of videos YouTube serves in one day.
12.2 billion – Videos viewed per month on YouTube in the US (November 2009).
924 million – Videos viewed per month on Hulu in the US (November 2009).
182 – The number of online videos the average Internet user watches in a month (USA).
82% – Percentage of Internet users that view videos online (USA).
39.4% – YouTube online video market share (USA).
81.9% – Percentage of embedded videos on blogs that are YouTube videos.

Malicious software
148,000 – New zombie computers created per day (used in botnets for sending spam, etc.)
2.6 million – Amount of malicious code threats at the start of 2009 (viruses, trojans, etc.)
921,143 – The number of new malicious code signatures added by Symantec in Q4 2009.

The Internet in Numbers: 2008

1.3 billion – The number of email users worldwide.
210 billion – The number of emails sent per day in 2008.
70% – The percentage of emails that are spam.
53.8 trillion – The number of spam emails sent in 2008 (assuming 70% are spam).

186,727,854 – The number of websites on the Internet in December 2008.
31.5 million – The number of websites added during 2008.

Web servers
24.4% – The growth of Apache websites in 2008.
13.7% – The growth of IIS websites in 2008.
22.2% – The growth of Google GFE websites in 2008.
336.8% – The growth of Nginx websites in 2008.
100.3% – The growth of Lighttpd websites in 2008.

Domain names
77.5 million – .COM domain names at the end of 2008.
11.8 million – .NET domain names at the end of 2008.
7.2 million – .ORG domain names at the end of 2008.
174 million – The number of domain names across all top-level domains.
19% – The increase in the number of domain names in 2008.

Internet users
1,463,632,361 – The number of Internet users worldwide (June 2008).
578,538,257 – Internet users in Asia.
384,633,765 – Internet users in Europe.
248,241,969 – Internet users in North America.
139,009,209 – Internet users in Latin America/Caribbean.
51,065,630 – Internet users in Africa.
41,939,200 – Internet users in the Middle East.
20,204,331 – Internet users in Oceania/Australia.

133 million – The number of blogs on the Internet (as tracked by Technorati).
900,000 – The number of new blog posts in a day.
329 million – The number of blog posts in 2008.

10 billion – Photos hosted by Facebook (October 2008).
3 billion – Photos hosted by Flickr (November 2008).
6.2 billion – Photos hosted by Photobucket (October 2008).

12.7 billion – The number of online videos watched by American Internet users in a month (November 2008).
87 – The number of online videos viewed per month per Internet user in USA.
34% – The increase in viewing of online video in USA compared to 2007.
3.1 – The number of minutes of an average online video.

Malicious software
1 million – The number of computer viruses in April 2008.
468% – The increase in malicious code compared to 2007.

Top 20 Malicious Programmes on the Internet 2011

Stuxnet: The Anatomy of a Computer Virus

Types of Viruses

Bootsector virus
Bootsector viruses are the classics under the viruses. A Bootsector virus settles itself onto a floppy's or hard disk Bootsector, a specific track on a disk where the operating system finds the information to start your machine's operating system or make itself known to you machine (ID). During the 80's a Bootsector virus was a real pest on Amiga and Commodore 64 computers. Easy to remove but a nuisance, and very virulent sometimes too. When a Bootsector virus had infected your disk the machine either froze or the floppy was no longer usable until you removed the virus. Sometimes even the spare Bootsector was overwritten and then your info could only be salvaged with the help of a recovery program,

A Trojan is a piece of viral code that resides in memory but works only under specific circumstances. It is often spread riding piggy bag on other programs or just hidden in one. Like the first Trojan: PC-Write which was a popular share ware program. By examining the virus program file into "PC-Write" many users thought they were downloading the word processor, instead they downloaded the virus. Tricky.

Polymorphic viruses
A polymorphic virus is a virus that can change itself to elude detection. Or change its working. For example in stead of wiping your hard disk it locks your keyboard when specific keys are pressed in a particular sequence. Very hard to detect.

Binary viruses
A binary virus is a virus that needs a second component to become activated and do whatever it was designed to do. It is nearly impossible to detect un incomplete virus.

Macro viruses
A macro virus most often exposes itself in Microsoft Office documents like Excel and Word or Outlook and works its havoc. The code is easy to detect and to deactivate.

Standard Virus

As long as you can speak of a standard virus. Contemporary viruses are hybrids that even contain their own mail engine!

A standard virus resides in memory. Were its payload executes like a three stage rocket:
Staying in memory as a resident process
Detecting programs (executables) that are loaded into the computer's memory
Attaching itself into an available slot of that program, mostly at the end, that resides on hard disk or floppy. That medium should not be protected against writing. As far as is known there is no virus that breaks this hardware security, but one can never tell.

More advanced viruses are scoring your hard disk for other programs or executables and attach itself to any available one. Than look for other hard disks, inclusive network disks, and do the same thing over.

Even more advanced viruses try to attack domains of other users on the network by cracking the passwords and repeat the process

Some viruses are only specialized at cracking firewalls, deleting files, shut down virus protecting programs, sending hundreds of thousands of mails, steel addresses from your mailbox and send them to a secret recipient. Or burning out you display. But mind you not all viruses are malignant, none are
benevolent either be it only to take up CPU time and disk space.

Browser Hijacker
This type of virus, which can spread itself in numerous ways including voluntary download, effectively hijacks certain browser functions, usually in the form of re-directing the user automatically to particular sites. It’s usually assumed that this tactic is designed to increase revenue from web advertisements.

Direct Action Virus
This type of virus, unlike most, only comes into action when the file containing the virus is executed. The payload is delivered and then the virus essentially becomes dormant – it takes no other action unless an infected file is executed again.

Most viruses do not use the direct action method of reproduction simply because it is not prolific, but viruses of this type have done damage in the past. The Vienna virus, which briefly threatened computers in 1988, is one such example of a direct action virus.

File Infector Virus
Perhaps the most common type of virus, the file infector takes root in a host file and then begins its operation when the file is executed. The virus may completely overwrite the file that it infects, or may only replace parts of the file, or may not replace anything but instead re-write the file so that the virus is executed rather than the program the user intended.

Although called a “file virus” the definition doesn’t apply to all viruses in all files generally – for example, the macro virus below is not referred to by the file virus. Instead, the definition is usually meant to refer only to viruses which use an executable file format, such as .exe, as their host.

Macro Virus
A wide variety of programs, including productivity applications like Microsoft Excel, provide support for Macros – special actions programmed into the document using a specific macro programming language. Unfortunately, this makes it possible for a virus to be hidden inside a seemingly benign document.

Macro viruses very widely in terms of payload. The most well known macro virus is probably Melissa, a Word document supposedly containing the passwords to pornographic websites. The virus also exploited Word’s link to Microsoft Outlook in order to automatically emailcopies of itself.

Multipartite Virus
While some viruses are happy to spread via one method or deliver a single payload, Multipartite viruses want it all. A virus of this type may spread in multiple ways, and it may take different actions on an infected computer depending on variables, such as the operating system installed or the existence of certain files.

Resident Virus

This broad virus definition applies to any virus that inserts itself into a system’s memory. It then may take any number of actions and run independently of the file that was originally infected.

A resident virus can be compared to a direct payload virus, which does not insert itself into the system’s memory and therefore only takes action when an infected file is executed.
Web Scripting Virus

Many websites execute complex code in order to provide interesting content. Displaying online video in your browser, for example, requires the execution of a specific code language that provides both the video itself and the player interface.

Of course, this code can sometimes be exploited, making it possible for a virus to infect a computer or take actions on a computer through a website. Although malicious sites are sometimes created with purposely infected code, many such cases of virus exist because of code inserted into a site without the
webmaster’s knowledge.

Encrypted Viruses
This type of viruses consists of encrypted malicious code, decrypted module. The viruses use encrypted code technique which make antivirus softwarehardly to detect them. The antivirus program usually can detect this type of viruses when they try spread by decrypted themselves.

Companion Viruses
Companion viruses can be considered file infector viruses like resident or direct action types. They are known as companion viruses because once they get into the system they "accompany" the other files that already exist. In other words, in order to carry out their infection routines, companion viruses can wait in memory until a program is run (resident viruses) or act immediately by making copies of themselves (direct action viruses).
Some examples include: Stator, Asimov.1539, and Terrax.1069

Network Virus
Network viruses rapidly spread through a Local Network Area (LAN), and sometimes throughout the internet. Generally, network viruses multiply through shared resources, i.e., shared drives and folders. When the virus infects a computer, it searches through the network to attack its new potential prey. When the virus finishes infecting that computer, it moves on to the next and the cycle repeats itself.
The most dangerous network viruses are Nimda and SQLSlammer.

Nonresident Viruses
This type of viruses is similar to Resident Viruses by using replication of module. Besides that, Nonresident Viruses role as finder module which can infect to files when it found one (it will select one or more files to infect each time the module is executed).

Stealth Viruses
Stealth Viruses is some sort of viruses which try to trick anti-virus software by intercepting its requests to the operating system. It has ability to hide itself from some antivirus software programs. Therefore, some antivirus program cannot detect them.

Sparse Infectors
In order to spread widely, a virus must attempt to avoid detection. To minimize the probability of its being discovered a virus could use any number of different techniques. It might, for example, only infect every 20th time a file is executed; it might only infect files whose lengths are within narrowly defined ranges or whose names begin with letters in a certain range of the alphabet. There are many other possibilities.

Spacefiller (Cavity) Viruses
Many viruses take the easy way out when infecting files; they simply attach themselves to the end of the file and then change the start of the program so that it first points to the virus and then to the actual program code. Many viruses that do this also implement some stealth techniques so you don't see the increase in file length when the virus is active in memory.

A spacefiller (cavity) virus, on the other hand, attempts to be clever. Some program files, for a variety of reasons, have empty space inside of them. This empty space can be used to house virus code. A spacefiller virus attempts to install itself in this empty space while not damaging the actual program itself. An advantage of this is that the virus then does not increase the length of the program and can avoid the need for some stealth techniques. The Lehigh virus was an early example of a spacefiller virus.

FAT Virus
The file allocation table or FAT is the part of a disk used to connect information and is a vital part of the normal functioning of the computer.

This type of virus attack can be especially dangerous, by preventing access to certain sections of the disk where important files are stored. Damage caused can result in information losses from individual files or even entire directories.

A worm is technically not a virus, but a program very similar to a virus; it has the ability to self-replicate, and can lead to negative effects on your system and most importantly they are detected and eliminated by antiviruses.
Examples of worms include: PSWBugbear.B, Lovgate.F, Trile.C, Sobig.D, Mapson.

Logic Bombs

They are not considered viruses because they do not replicate. They are not even programs in their own right but rather camouflaged segments of other programs.

Their objective is to destroy data on the computer once certain conditions have been met. Logic bombs go undetected until launched, and the results can be destructive.

Top Web Threats in History

I Love You (2000)
Who wouldn't open an e-mail with "I Love You" in the subject line? Well, that was the problem. By May 2000, 50 million infections of this worm had been reported. The Pentagon, the CIA and the British Parliament all had to shut down their e-mail systems in order to purge the threat.

Conflicker (2009)
The Conficker worm has created a secure, worldwide infrastructure for cybercrime. The worm allows its creators to remotely install software on infected machines. What will that software do? We don't know. Most likely the worm will be used to create a botnet that will be rented out to criminals who want to send SPAM, steal IDs and direct users to online scams and phishing sites.

Melissa (1999)
Melissa was an exotic dancer and David L. Smith (pictured) was obsessed with her and also with writing viruses. The virus he named after Melissa and released to the world on March 26th, 1999, kicked off a period of high-profile threats that rocked the Internet between 1999 and 2005.

Slammer (2003)
This fast-moving worm managed to temporarily bring much of the Internet to its knees in January 2003. The threat was so aggressive that it was mistaken by some countries to be an organized attack against them.

Nimda (2001)
A mass-mailing worm that uses multiple methods to spread itself, within 22 minutes, Nimda became the Internet's most widespread worm. The name of the virus came from the reversed spelling of "admin."

Code Red (2001)
Websites affected by the Code Red worm were defaced by the phrase "Hacked By Chinese!" At its peak, the number of infected hosts reached 359,000.

Blaster (2003)
Blaster is a worm that triggered a payload that launched a denial of service attack against, which included the message, "billy gates why do you make this possible? Stop making money and fix your software."

Sasser (2004)
This nasty worm spread by exploiting a vulnerable network port, meaning that it could spread without user intervention. Sasser wreaked havoc on everything from The British Coast Guard to Delta Airlines, which had to cancel some flights after its computers became infected.

Storm (2007)
Poor Microsoft, always the popular target. Like Blaster and others before, this worm's payload performed a denial-of-service attack on During Symantec's tests, an infected machine was observed sending a burst of almost 1,800 emails in a five-minute period.

Morris (1988)
An oldie but a goodie — without Morris the current threat "superstars" wouldn't exist. The Morris worm (or Internet worm) was created with innocent intentions. Robert Morris claims that he wrote the worm in an effort to gauge the size of the Internet. Unfortunately, the worm contained an error that caused it to infect computers multiple times, creating a denial of service.

Timeline of Viruses

The work of John von Neumann on the "Theory of self-reproducing automata" is published. The article is based on lectures held by von Neumann at the University of Illinois about the "Theory and Organization of Complicated Automata" back in 1949.

The Creeper virus, an experimental self-replicating program, is written by Bob Thomas at BBN Technologies. Creeper infected DEC PDP-10 computers running the TENEX operating system. Creeper gained access via the ARPANET and copied itself to the remote system where the message, "I'm the creeper, catch me if you can!" was displayed. The Reaper program was later created to delete Creeper.

The Wabbit virus, more a fork bomb than a virus, is written. The Wabbit virus makes multiple copies of itself on a single computer (and was named "Wabbit" for the speed at which it did so) until it clogs the system, reducing system performance, before finally reaching a threshold and crashing the computer.

ANIMAL is written by John Walker for the UNIVAC 1108. Animal asked a number of questions to the user in an attempt to guess the type of animal that the user was thinking of, while the related program PERVADE would create a copy of itself and ANIMAL in every directory to which the current user had access. It spread across the multi-user UNIVACs when users with overlapping permissions discovered the game, and to other computers when tapes were shared. The program was carefully written to avoid damage to existing file or directory structures, and not to copy itself if permissions did not exist or if damage could result. Its spread was therefore halted by an OS upgrade which changed the format of the file status tables that PERVADE used for safe copying. Though non-malicious, "Pervading Animal" represents the first Trojan "in the wild"
The novel "The Shockwave Rider" by John Brunner is published, that coins the use of the word "worm" to describe a program that propagates itself through a computer network.

Jürgen Kraus wrote his Diplom thesis "Selbstreproduktion bei Programmen" (self-reproduction of programs).

A program called Elk Cloner, written for Apple II systems and created by Richard Skrenta. Apple II was seen as particularly vulnerable due to the storage of its operating system on floppy disk. Elk Cloner's design combined with public ignorance about what malware was and how to protect against it led to Elk Cloner being responsible for the first large-scale computer virus outbreak in history.

The term 'virus' is coined by Frederick Cohen in describing self-replicating computer programs. In 1984 Cohen uses the phrase "computer virus" – as suggested by his teacher Leonard Adleman – to describe the operation of such programs in terms of "infection". He defines a 'virus' as "a program that can 'infect' other programs by modifying them to include a possibly evolved copy of itself."
November 10, 1983, at Lehigh University, Cohen demonstrates a virus-like program on a VAX11/750 system. The program could install itself to, or infect, other system objects.
A very early Trojan Horse designed for the IBM PC called ARF-ARF was downloaded from BBS sites and claimed to “Sort” the DOS Diskette Directory. This was a very desirable feature because DOS didn’t list the files in alphabetical order in 1983. Instead, the program deleted all of the files on the diskette, cleared the screen and typed ARF – ARF. ARF was a reference to the common “Abort, Retry Fail” message you would get when a PC could not boot from a diskette.

Ken Thompson publishes his seminal paper, Reflections on Trusting Trust, in which he describes how he modified a C compiler so that when used to compile a specific version of the Unix operating system, it inserted a backdoor into the login command, and when used to compile itself, it inserted the backdoor insertion code, even if neither the backdoor nor the backdoor insertion code were present in the source code.

January: The Brain boot sector virus (aka Pakistani flu) is released. Brain is considered the first IBM PC compatible virus, and the program responsible for the first IBM PC compatible virus epidemic. The virus is also known as Lahore, Pakistani, Pakistani Brain, as it was created in Lahore, Pakistan by 19 year old Pakistani programmer, Basit Farooq Alvi, and his brother, Amjad Farooq Alvi.
December 1986: Ralf Burger presented the Virdem model of programs at a meeting of the underground Chaos Computer Club in Germany. The Virdem model represented the first programs that could replicate themselves via addition of their code to executable DOS files in COM format.

Appearance of the Vienna virus, which was subsequently neutralized—the first time this had happened on the IBM platform.
Appearance of Lehigh virus, boot sector viruses such as Yale from USA, Stoned from New Zealand, Ping Pong from Italy, and appearance of first self-encrypting file virus, Cascade. Lehigh was stopped on campus before it spread to the wild, and has never been found elsewhere as a result. A subsequent infection of Cascade in the offices of IBM Belgium led to IBM responding with its own antivirus product development. Prior to this, antivirus solutions developed at IBM were intended for staff use only.
October: The Jerusalem virus, part of the (at that time unknown) Suriv family, is detected in the city of Jerusalem. The virus destroys all executable files on infected machines upon every occurrence of Friday the 13th (except Friday 13 November 1987 making its first trigger date May 13, 1988). Jerusalem caused a worldwide epidemic in 1988.
November: The SCA virus, a boot sector virus for Amigas appears, immediately creating a pandemic virus-writer storm. A short time later, SCA releases another, considerably more destructive virus, the Byte Bandit.
December: Christmas Tree EXEC was the first widely disruptive replicating network program, which paralysed several international computer networks in December 1987.

March 1: Ping-Pong virus is a boot sector virus. It was discovered at University of Turin in Italy.
June: The Festering Hate Apple ProDOS virus spreads from underground pirate BBS systems and starts infecting mainstream networks.
November 2: The Morris worm, created by Robert Tappan Morris, infects DEC VAX and Sun machines running BSD UNIX connected to the Internet, and becomes the first worm to spread extensively "in the wild", and one of the first well-known programs exploiting buffer overrunvulnerabilities.

October 1989: Ghostball, the first multipartite virus, is discovered by Friðrik Skúlason.

Mark Washburn working on an analysis of the Vienna and Cascade viruses with Ralf Burger develops the first family of polymorphic virus: the Chameleon family. Chameleon series debuted with the release of 1260.

Michelangelo was expected to create a digital apocalypse on March 6, with millions of computers having their information wiped according to mass media hysteria surrounding the virus. Later assessments of the damage showed the aftermath to be minimal. John McAfee had been quoted by the media as saying that 5 million computers would be affected. He later said that, pressed by the interviewer to come up with a number, he had estimated a range from 5 thousand to 5 million, but the media naturally went with just the higher number.

"Leandro & Kelly" and "Freddy Krueger" spread quickly due to popularity of BBS and shareware distribution.

April: OneHalf is a DOS-based polymorphic computer virus.

The first Macro virus, called "Concept," is created. It attacked Microsoft Word documents.
"Ply" - DOS 16-bit based complicated polymorphic virus appeared with built-in permutation engine.

June 2: The first version of the CIH virus appears.

Jan 20: The Happy99 worm first appeared. It invisibly attaches itself to emails, displays fireworks to hide the changes being made, and wishes the user a happy New Year. It modifies system files related to Outlook Express and Internet Explorer (IE) on Windows 95 and Windows 98.
March 26: The Melissa worm was released, targeting Microsoft Word and Outlook-based systems, and creating considerable network traffic.
June 6: The ExploreZip worm, which destroys Microsoft Office documents, was first detected.
December 30: Kak worm is a Javascript computer worm that spread itself by exploiting a bug in Outlook Express.

May: The ILOVEYOU worm, also known as VBS/Loveletter and Love Bug worm, is a computer worm purportedly created by a Filipino computer science student. Written in VBScript, it infected millions of Windows computers worldwide within a few hours of its release. It is considered to be one of the most damaging worms ever.

February 11: The Anna Kournikova virus hits e-mail servers hard by sending e-mail to contacts in the Microsoft Outlook addressbook. Its creator, Dutchman Jan de Wit, was sentenced to 150 hours of community service.
May 8: The Sadmind worm spreads by exploiting holes in both Sun Solaris and Microsoft IIS.
July: The Sircam worm is released, spreading through Microsoft systems via e-mail and unprotected network shares.
July 13: The Code Red worm attacking the Index Server ISAPI Extension in Microsoft Internet Information Services is released.
August 4: A complete re-write of the Code Red worm, Code Red II begins aggressively spreading onto Microsoft systems, primarily in China.
September 18: The Nimda worm is discovered and spreads through a variety of means including vulnerabilities in Microsoft Windows and backdoors left by Code Red II and Sadmind worm.
October 26: The Klez worm is first identified. It exploits a vulnerability in Microsoft Internet Explorer and Microsoft Outlook and Outlook Express.

February 11: Simile (computer virus) is a metamorphic computer virus written in assembly.
Beast is a Windows based backdoor trojan horse, more commonly known as a RAT (Remote Administration Tool). It is capable of infecting almost all versions of Windows. Written in Delphi and released first by its author Tataye in 2002, its most current version was released October 3, 2004
March 7: Mylife (computer worm) is a computer worm that spread itself by sending malicious emails to all the contacts in Microsoft Outlook.
August 30: Optix Pro is a configurable remote access tool or Trojan, similar to SubSeven or BO2K.

January 24: The SQL slammer worm, aka Sapphire worm, Helkern and other names, attacks vulnerabilities in Microsoft SQL Server and MSDE and causes widespread problems on the Internet.
April 2: Graybird is a Trojan also known as Backdoor.Graybird.
June 13: ProRat is a Turkish-made Microsoft Windows based backdoor trojan horse, more commonly known as a RAT (Remote Administration Tool).
August 12: The Blaster worm, aka the Lovesan worm, rapidly spreads by exploiting a vulnerability in system services present on Windows computers.
August 18: The Welchia (Nachi) worm is discovered. The worm tries to remove the blaster worm and patch Windows.
August 19: The Sobig worm (technically the Sobig.F worm) spreads rapidly through Microsoft systems via mail and network shares.
September 18: Swen is a computer worm written in C++.
October 24: The Sober worm is first seen on Microsoft systems and maintains its presence until 2005 with many new variants. The simultaneous attacks on network weakpoints by the Blaster and Sobig worms cause massive damage.
November 10: Agobot is a computer worm that can spread itself by exploiting vulnerabilities on Microsoft Windows. Some of the vulnerabilities are MS03-026 and MS05-039.
November 20:Bolgimo is a computer worm that spread itself by exploiting a buffer overflow vulnerability at Microsoft Windows DCOM RPC Interface.

January 18: Bagle (computer worm) is a mass-mailing worm affecting all versions of Microsoft Windows. There were 2 variants of Bagle worm, they were Bagle.A and Bagle.B. Bagle.B was discovered on February 17, 2004.
Late January: MyDoom emerges, and currently holds the record for the fastest-spreading mass mailer worm.
February 16: The Netsky worm is discovered. The worm spreads by email and by copying itself to folders on the local hard drive as well as on mapped network drives if available. Many variants of the Netsky worm appeared.
March 19: The Witty worm is a record-breaking worm in many regards. It exploited holes in several Internet Security Systems (ISS) products. It was the fastest disclosure to worm, it was the first internet worm to carry a destructive payload and it spread rapidly using a pre-populated list of ground-zero hosts.
May 1: The Sasser worm emerges by exploiting a vulnerability in the Microsoft Windows LSASS service and causes problems in networks, while removing MyDoom and Bagle variants, even interrupting business.
June 15: Caribe or Cabir is a computer worm that is designed to infect mobile phones that run Symbian OS. It is the first computer worm that can infect mobile phones. It spread itself through Bluetooth.
August 16: Nuclear RAT (short for Nuclear Remote Administration Tool) is a backdoor trojan that infects Windows NT family systems (Windows 2000, Windows XP, Windows 2003).
August 20: Vundo, or the Vundo Trojan (also known as Virtumonde or Virtumondo and sometimes referred to as MS Juan) is a trojan known to cause popups and advertising for rogue antispyware programs, and sporadically other misbehaviour including performance degradation and denial of service with some websites including Google and Facebook.
October 12, 2004: Bifrost, also known as Bifrose, is a backdoor trojan which can infect Windows 95 through Vista. Bifrost uses the typical server, server builder, and client backdoor program configuration to allow a remote attack.
December: Santy, the first known "webworm" is launched. It exploited a vulnerability in phpBB and used Google in order to find new targets. It infected around 40000 sites before Google filtered the search query used by the worm, preventing it from spreading.

August 16: Zotob (computer worm) is a worm that spread itself by exploiting Microsoft Windows Plug and Play Buffer Overflow (MS05-039).
October 13: The Samy XSS worm becomes the fastest spreading virus by some definitions as of 2006.
Late 2005: The Zlob Trojan, is a trojan horse which masquerades as a required video codec in the form of the Microsoft Windows ActiveX component. It was first detected in late 2005.
2005: Bandook or Bandook Rat (Bandook Remote Administration Tool) is a backdoor trojan horse that infects the Windows family. It uses a server creator, a client and a server to take control over the remote computer. It uses process hijacking / kernel patching to bypass the firewall, and let the server component hijack processes and gain rights for accessing the Internet.

January 20: The Nyxem worm was discovered. It spread by mass-mailing. Its payload, which activates on the third of every month, starting on February 3, attempts to disable security-related and file sharing software, and destroy files of certain types, such as Microsoft Office files.
February 16: discovery of the first-ever malware for Mac OS X, a low-threat trojan-horse known as OSX/Leap-A or OSX/Oompa-A, is announced
Late March: Brontok variant N was found in late March. Brontok was a mass-email worm and the origin for the worm was from Indonesia.
Late September: Stration or Warezov worm first discovered.

January 17: Storm Worm identified as a fast spreading email spamming threat to Microsoft systems. It begins gathering infected computers into the Storm botnet. By around June 30 it had infected 1.7 million computers, and it had compromised between 1 and 10 million computers by September. Thought to have originated from Russia, it disguises itself as a news email containing a film about bogus news stories asking you to download the attachment which it claims is a film.
July: Zeus is a trojan that targets Microsoft Windows to steal banking information by keystroke logging.

February 17: Mocmex is a trojan, which was found in a digital photo frame in February 2008. It was the first serious computer virus on a digital photo frame. The virus was traced back to a group in China.
March 3: Torpig, also known as Sinowal and Mebroot, is a Trojan horse that affects Windows, turning off anti-virus applications. It allows others to access the computer, modifies data, steals confidential information (such as user passwords and other sensitive data) and installs more malware on the victim's computer.
May 6: Rustock.C, a hitherto-rumoured spambot-type malware with advanced rootkit capabilities, was announced to have been detected on Microsoft systems and analyzed, having been in the wild and undetected since October 2007 at the very least.
July 6: Bohmini.A is a configurable remote access tool or trojan that exploits security flaws in Adobe Flash 9.0.115 with Internet Explorer 7.0 and Firefox 2.0 under Windows XP SP2.
July 31: The Koobface computer worm targets users of Facebook and MySpace. New variants constantly appear.
November 21: Computer worm Conficker infects anywhere from 9 to 15 million Microsoft server systems running everything from Windows 2000 to the Windows 7 Beta. The French Navy, UK Ministry of Defence (including Royal Navy warships and submarines), Sheffield Hospital network, German Bundeswehr and Norwegian Police were all affected. Microsoft sets a bounty of $250,000 USD for information leading to the capture of the worm's author(s). Five main variants of the Conficker worm are known and have been dubbed Conficker A, B, C, D and E. They were discovered 21 November 2008, 29 December 2008, 20 February 2009, 4 March 2009 and 7 April 2009, respectively. On December 16, 2008, Microsoft releases KB958644 patching the server service vulnerability responsible for the spread of Conficker.

July 4: The July 2009 cyber attacks occur and the emergence of the W32.Dozer attack the United States and South Korea.
July 15: Symantec discovered Daprosy Worm. Said trojan worm is intended to steal online-game passwords in internet cafes. It could, in fact, intercept all keystrokes and send them to its author which makes it particularly a very dangerous worm to infect B2B (business-to-business) systems.

February 18: Microsoft announced that a BSoD problem on some Windows machines which was triggered by a batch of Patch Tuesday updates was caused by the Alureon trojan.
June 17: Stuxnet, a Windows trojan, was detected. It is the first worm to attack SCADA systems. There are suggestions that it was designed to target Iranian nuclear facilities. It uses a valid certificate from Realtek.
September 9: The virus, called "here you have" or "VBMania", is a simple Trojan Horse that arrives in the inbox with the odd-but-suggestive subject line "here you have". The body reads "This is The Document I told you about, you can find it Here" or "This is The Free Download Sex Movies, you can find it Here".
September 15: The Virus called Kenzero is a virus that spreads online from Peer to peer (P2P) sites taking browsing history.

SpyEye and Zeus merged code is seen. New variants attack mobile phone banking information.
Anti-Spyware 2011, a trojan which attacks Windows 9x, 2000, XP, Vista, and Windows 7, posing as an anti-spyware program. It actually disables security-related process of anti-virus programs, while also blocking access to the Internet which prevents updates.
The Morto worm emerged in the summer of 2011. It attempts to propagate itself to additional computers via the Microsoft Windows Remote Desktop Protocol (RDP). Morto spreads by forcing infected systems to scan for Windows servers allowing RDP login. Once Morto finds an RDP-accessible system, it attempts to log in to a domain or local system account named 'Administrator' using a number of common passwords. A detailed overview of how the worm works—along with the password dictionary Morto uses—was done by Imperva.
July 13, the Zeroaccess Rootkit or Max++ was discovered.
Duqu worm

Flame also known as Flamer, sKyWIper, and Skywiper is modular computer malware discovered in 2012 that attacks computers running Microsoft Windows. The program is being used for targeted cyber espionage in Middle Eastern countries. Its discovery was announced on 28 May 2012 by MAHER Center of Iranian National Computer Emergency Response Team (CERT), Kaspersky Lab and CrySyS Lab. of the Budapest University of Technology and Economics. CrySyS stated in their report that "sKyWIper is certainly the most sophisticated malware we encountered during our practice; arguably, it is the most complex malware ever found".
Shamoon is a computer virus discovered in 2012 designed to target computers running Microsoft Windows in the energy sector. Symantec, Kaspersky Lab and Seculert announced its discovery on 16 August 2012.


Copyright 2011 All rights reserved