CIH.win9x day

Tomorrow in the history of computer security is an extremely significant day. On April 26, 1999, the first virus of its kind was activated for the first time. A huge number of computers have undergone data destruction in the BIOS. I do not exclude the possibility that this may happen tomorrow, if there are still computers on which the malicious code will run.
CIH was written by Taiwanese student Chen Ying Hao in June 1998. And less than a year later, the virus had already revealed itself by having disabled about five hundred thousand computers.

For the first time, the virus acted in such a way that it led to the complete inoperability of computers. The mechanism of the virus was not complicated: after getting on a computer with Windows 95/98 installed on it, it injected its code into the system mechanism for working with files. Then, when opening PE files, the virus body was embedded in its unused blocks. Thus, the size of the infected file is not changed. If there was not enough space, the virus's body was crushed.

Despite the fact that Cheng Ying Hao was in essence a criminal, he not only did not receive punishment for it immediately, but also got a job. But justice prevailed, and Cheng Ying Hao was arrested in September 2000 and convicted of damage caused by his CIH virus. Since 2006, Cheng has worked as an engineer at Gigabyte Technology.

But not everything is so bad in this story. The virus first pointed to open problems in the security of computer systems in general. It is worth remembering this case only in order to avoid similar drawbacks in the future when designing various systems and methods for ensuring their safety.