Wednesday, May 24, 2017

Matt Ridley: The Red Queen race against computer viruses

The WannaCry ransomware cyberattack of last week, which briefly crippled much of the National Health Service, may be the biggest, but it will not be the last outbreak of cybercrime. 

Remember your Through the Looking-Glass. The Red Queen lives in a world where, she says: “It takes all the running you can do, to keep in the same place. If you want to get somewhere else, you must run at least twice as fast as that.” We, the good guys, are locked in a Red Queen race with hackers, just as we, the human race, are locked in a race with real viruses, and with antibiotic resistance.

It is a race in which permanent victory is impossible, but so is permanent defeat. Perpetual struggle is inevitable. I say this with confidence because for once the biological analogies are apt. The right way to think about cybersecurity is epidemiological. Indeed, the similarity between a computer virus and a real virus is more than a metaphor: both are pieces of linear digital information (one made of binary electronic digits, the other of quaternary DNA bases) capable of getting themselves replicated and spread. One leading theory is that sexual intercourse evolved, a billion years ago, as a security patch against parasites.

The fact that malware is manmade while maladies are not makes little difference. So long as there are enough actors out there experimenting, both will evolve, through mutation, recombination and selection — through trial and error. That this latest cyberweapon may have been enhanced with something called EternalBlue stolen from America’s National Security Agency is again not altogether surprising to a biologist. Parasites have a habit of stealing good genetic ideas from their hosts.

Computer viruses are as old as computing. The first widespread one, Elk Cloner, spread through Apple computers in 1981 via floppy disks. Ransomware first appeared in 1989, with a trojan horse called AIDS. By the early 1990s you could buy anti-virus software. Especially bad outbreaks occurred in 2003 (the “slammer worm”) and 2009 (the “conficker worm”), just like the bad plague years of AD541, 1346 and 1665. But apocalyptic warnings that computer worms and viruses would eventually win proved wide of the mark. I recall business seminars around the turn of the millennium at which the audience was effectively told that the problem of computer viruses was insoluble so the end of the web was near. This was around the time we were told that computers would fail, and social order would collapse, because software could not cope with the start of a new millennium. In practice, anti-virus protection has evolved just as fast.

Perhaps we were just lucky, then. Despite the supposed heroic but accidental action last week of MalwareTech, an anonymous 22-year-old, I don’t think it is luck. Here is why the good guys will always be able to defeat the bad guys — temporarily: the former can operate in the daylight, the latter must stay in the dark. This was brought home to me about ten years ago when my laptop was infected by a virus and I quickly found a website on which people were freely sharing the latest features of this virus and how to deal with it. Such open sharing is not available to hackers, however large the dark web gets.

Thus Microsoft already has a patch for the WannaCry ransomware, released in March, having been alerted perhaps by the NSA itself. That some organisations, such as the NHS, have plainly done a terrible job of keeping their computer security updated is reprehensible but no great surprise. It is a bit like a community that relaxes its vaccination rate.

Minnesota is currently experiencing a measles outbreak: about 50 people have gone down with the virus, mostly from the Somali immigrant community. This is entirely because vaccination rates in that community have halved thanks to the recent influence of the anti-vaxxer movement and its autism theory. Drop your vaccination guard and the Red Queen will strike. Don’t update your cybersecurity and ditto.

Here’s another parallel. Antibiotic resistance is also a Red Queen phenomenon, in which new antibiotics must continually be introduced to counter antibiotic resistance. In failing to invent new antimicrobials, it is as if we have been failing to update our pharmacological security software.

Notice, too, that hospitals are the epicentres of antimicrobial resistance, plagued by MRSA and C. difficile. This is largely because they are full of ill and vulnerable people, some with fresh holes cut into them — tempting buffets for bacteria. Hence hospitals use lots of antibiotics, putting selection pressure on bacteria to evolve resistance. It is a curious coincidence that hospital computer systems likewise have to be open to sharing data with many partners, making them vulnerable to digital invaders, as we now know.

There is one computer system that is so clogged with old malware that there is hardly any space left for the real programs. Of its code, almost half consists of so-called transposable elements. Some are full viruses, some are attenuated and abbreviated relics of viruses, and some are small vestiges of viruses that piggyback on viruses — parasites of parasites. The entire thing is infested with digital parasites. I am describing the human genome, the computer system inside each of your many trillion cells, the one Mother Nature programmed.

Fortunately the vast majority of these transposable elements and endogenous retroviruses are in a quiescent state, shut down and harmless. Occasionally, though, they seem to wake up and proliferate like real viruses. One called AluJ was last active 65 million years ago, another called AluS is 30 million years old, while a third called AluY sometimes springs to life today, messing up genes when it does so. Take some comfort from the fact that Shakespeare wrote Hamlet and Einstein discovered relativity using mental computers inside whose cells were millions of such digital viruses. Fun fact: birds, which have a greater need to control their weight so they can fly, do a better job of cleaning spam out of their genes than mammals do.

The lesson of this week is eternal vigilance: update your software regularly, keep back-ups, filter mail and be suspicious of attachments. Don’t expect the problem to go away, or to find a silver bullet that kills the problem for ever, but don’t expect malware to defeat us either.

Matt Ridley, a member of the British House of Lords, is an acclaimed author who blogs at

1 comment:

paul scott said...

Ridley's reference to the "Red Queen" here, is from a book he wrote in the eighties.
The fundamental premise was that all living creatures or plants must keep evolving in a lucky way to stay ahead of the rivals and the predators.
Ridley is more readable and has maintained a humility which is lacking in the now obnoxious Richard Dawkins. Ridley leads the Nationhood, and individual freeedom memes inthe House of Lords .
All that, and much more is why I keep nagging the Pope to decare him a Saint.