It is more than 20 years since the first PC virus appeared. Since then, the nature of threats has changed significantly. Today’s threats are more complex than ever before. Much of today’s malicious code, and this includes a wide array of Trojans, exploits, rootkits, phishing scams, spam and spyware as well as classic viruses and worms, is purpose-built to hijack users’ machines to make money illegally. The connectivity provided by the Internet means that attacks can be launched on victim machines very quickly, as widely or selectively as malware authors, and the criminal underground that sponsors them, require. Malicious code may be embedded in e-mail, injected into fake software packs, or placed on web pages for download by a Trojan installed on an infected machine. The scale of the problem, in terms of numbers alone, has also continued to increase. Kaspersky Lab antivirus databases contain 570,500 records and around 3,500 new records are added weekly.

In any field of human activity, the latest generation stands squarely on the shoulders of those who went before, learning from what has been done before, re-applying what has proved successful and also trying to break new ground. This is no less true of those who develop malicious code. Successive waves of malicious code have re-defined the threat landscape.


What’s also clear is that security solutions have also had to evolve to match each successive generation of threats. As a result, both the disease and the cure differ greatly from the situation when the virus problem first appeared. But what are the specific factors that have influenced the development of malicious code? And how have security solutions had to evolve to deal with each emerging threat?