Murderous malware: Can a computer virus turn deadly?

I have a confession to make. There was a time when I did not believe that malware actually existed. Before 1991, I had never experienced a malware infection, nor had anyone else that I knew. I assumed that computer viruses only existed in Hollywood films.

What I eventually came to realize of course, was that viruses were real, but were nothing like the way that they were depicted in the movies. The first virus that I ever encountered was called Yankee Doodle. That particular virus infected MS-DOS .COM and .EXE files, but was perhaps best known for playing the song Yankee Doodle at a certain time of day.

Another virus that I encountered shortly thereafter was called the Cookie Monster virus. The Cookie Monster virus would interrupt whatever you were doing by displaying a picture of Cookie Monster on-screen, along with a message saying “give me a cookie.” If you typed the word “cookie” then the picture would go away for a period of time, and you could get back to whatever it was that you had been doing. Over time, the Cookie Monster would appear more and more frequently, but you could permanently banish him from your computer by typing the word “Oreo.”

These particular viruses, as well as some of the other viruses of the time, were relatively harmless – at least by today’s standards. While it is true that some strains of Yankee Doodle could completely disable a system, nearly any antivirus program of the time could remove the virus and put everything back to normal.

Malware becomes malicious

Over time of course, malware started to become far more malicious. While the malware of the late 1980s and early 1990s might best be described as disruptive and slightly whimsical, today’s malware can be downright nasty. We have all heard stories for instance, of ransomware holding data hostage until a ransom is paid.

The existence of ransomware points to a major shift in malware author’s goals. Early on, malware authors seemed to be primarily interested in causing a bit of mischief by engaging in what I like to think of as cyber vandalism. Later on, there were malware authors who seemed to be most interested in gaining notoriety by creating malware with capabilities that had never been seen before. Notorious viruses such as FunLove, Code Red, Mydoom, and Slammer come to mind, because they all received a significant amount of over hyped media attention.

In stark contrast, much of today’s malware (much of which is allegedly tied to organized crime rings or rogue nations) has been heavily monetized. I’m not just talking about ransomware, although that is a big part of it. There are also cryptominers that are designed to take over a victim’s computer, and then steal any cryptocurrency that it finds.

Another way in which malware has evolved is that its effects are no longer limited to the digital world. At one time, the absolute worst thing that could happen as a result of a malware infection was data loss. Today though, the effects of a malware infection can spill over into the real world. Malware can attempt to steal your identity, clean out your bank account, blackmail you, and the list goes on. But what are the ultimate limits of malware’s capabilities? Could malware ever be designed to commit murder?

On the surface, the idea of murderous malware sounds completely ludicrous. After all, your computer is not physically capable of picking up a gun and shooting someone. Even so, there are other ways to get the job done. To see what I mean, let’s take a step back and talk about some of the ways that computers can interface with the physical world.

Back around 2001, I used to write for a now extinct magazine that focused on home automation. In one of my columns, I jokingly wrote that my one of my aspirations was to be the first person to write a virus that infects home automation systems. Even though I would never actually try to infect someone’s home with a virus, the point that I was trying to make was that home automation has inherent security challenges that nobody was talking about at the time. To be perfectly frank, it really wouldn’t have been very difficult to take over one of these early home automation systems.

Harmless mischief or murderous malware?

But think about what might happen if someone did manage to seize control over a home automation system. If the person is just mischievous, then they might have some fun with the lights, or they might turn off the air conditioner. If someone really had bad intent however, they could gain physical entry into the home by unlocking the doors.

As unsettling as that idea might seem, one has to consider that today it isn’t just homes that are tied to the Internet. Internet connectivity has become ubiquitous for nearly all manner of electronic devices. Most of the new cars being sold today for example, are also connected to the Internet, as are countless IoT devices, and industrial automation devices. So with that in mind, let’s go back to the question of whether it is possible for malware to commit murder.

A few months ago, I wrote an article in which I talked about a car that I used to own. The car’s electronics contained a glitch and the car would sometimes put itself into gear while I was sitting in a parking space. Thankfully I was always able to brake before the car could hit anything. If a random computer glitch could cause this kind of undesirable behavior, just imagine the harm that could be caused by a malware infection.

If the idea of a car’s computer system becoming infected by malware seems far-fetched, then consider a recent commercial for OnStar in which the service was able to remotely override a stolen car. This type of communications link could conceivably be exploited in an effort to infect, or to take control of a vehicle. Such an infection could easily initiate its own control inputs in an effort to cause a serious accident.

In a much more chilling example of a potentially fatal malware infection, MIT Technology Review recently published an article about a malware program called Triton, which the publication has dubbed as the world’s most murderous malware. According to the article, hackers had deployed the Triton malware at a petrochemical plant in Saudi Arabia. The malware allowed hackers to take over all of the plant’s systems. Although never activated, the malware could have been used to cause a critical malfunction, and to disable safety systems, thereby endangering human life.

I will be the first to admit that my vehicle example is theoretical, and that the Triton infection in the petrochemical plant was neutralized before it could cause any harm. However, there has been at least one situation in which malware did cause significant harm to humans.

The WannaCry ransomware infection impacted a number of hospitals back in 2017, crippling the systems used in treating patients. Thankfully, no patients died as a result of the infection, but according to The Parallax, the infection caused delays in patient care, which negatively impacted patient outcomes.

Murderous malware: Something to consider

As far as I know there has not yet been a situation in which malware has been directly tied to a loss of human life. Even so, there have been several close calls, and it seems almost inevitable that malware will eventually be responsible for someone’s death. Murderous malware could even lead to a mass casualty event. Just imagine what could have happened if Triton had found its way into a nuclear power plant.

In an ever more connected world, it is going to be increasingly important to take measures to prevent malware from infecting critical systems. Manufacturers are going to have to adopt the same sorts of security best practices for IoT devices that are used to control access to network servers.

Featured image: Shutterstock

Brien Posey

Brien Posey is a freelance technology author and speaker with over two decades of IT experience. Prior to going freelance, Brien was a CIO for a national chain of hospitals and healthcare facilities. He has also served as a network engineer for the United States Department of Defense at Fort Knox. In addition, Brien has worked as a network administrator for some of the largest insurance companies in America. To date, Brien has received Microsoft’s MVP award numerous times in categories including Windows Server, IIS, Exchange Server, and File Systems / Storage. You can visit Brien’s Website at: www.brienposey.com.

Share
Published by
Brien Posey

Recent Posts

Exchange Server log files growth and inadequate disk space allocation

When it comes to Exchange, if you build it, it will grow. Exchange Server log file growth can fill up…

2 hours ago

Hold the phone! Voice communication is becoming cool again

Business telephone conversations have largely been supplanted by email. But voice communication is far from dead — and it may…

5 hours ago

What are the potential disadvantages of SSL/TLS?

There’s wide consensus on the benefits of SSL/TLS. However, not as much attention has been given to SSL/TLS disadvantages.

3 days ago

Exploring native software inventory logging in Windows Server

Windows Server has built-software inventory logging that can be very useful. Here’s how to use this little-known feature.

3 days ago

Passwordless authentication: Safer, better, and about time

Passwordless authentication has quickly become one of the primary means by which users access their laptops, phones, and tablets because…

3 days ago

Automated Incident Response in Office 365 ATP simplifies cybersecurity

Microsoft has pumped up Office 365 Advanced Threat Protection with a new feature, Automated Incident Response. Here’s what you need…

4 days ago