We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not a subscriber? Subscribe now for unlimited access to online articles.

Virus Hunter

Mikko Hypponen defends the Web against mischief.

Who would have thought a youth misspent playing Space Invaders and Donkey Kong could prepare you for the real world? Certainly not Mikko Hypponen’s father, who, seeing no future in computers and frustrated by his son’s obsession with them, sometimes resorted to desperate measures. “He removed the fuse in my bedroom to turn the electricity off, just to get me to come to the dinner table,” says Hypponen.

But as it turned out, the hours spent taking on alien invaders served as training for battling an altogether different kind of assailant: computer viruses. Hypponen, now the chief research officer of the Finnish computer security firm F-Secure, has become one of the most respected virus hunters in the business.

He and his team were on the front line during outbreaks of Slapper – a worm that affected tens of thousands of com-puters in 2002 by exploiting a vulnerability in Linux Web server software – and Sobig.F, a worm that at its peak in 2003 was lurking in one of every 17 e-mails. He is also credited with being the first to warn about the May 2004 outbreak of the Sasser worm, which infected hundreds of thousands of computers across the globe – stopping train traffic in Australia, delaying Delta flights in the United States, and paralyzing Taiwan’s national post office.

This story is part of our October 2005 Issue
See the rest of the issue

But where Hypponen really shines is in predicting new threats long before they occur. He warned of the possibility of document-infecting macroviruses, such as the infamous Melissa virus, in the early 1990s, two years before they started to appear, and he predicted mobile-phone viruses several years before the first one struck.

Hypponen doesn’t attribute his skill at tackling malware to video game-honed strategies per se, but rather to the fundamental knowledge of computers that he developed in his teenage gaming years. Frustrated by how long games took to load on his Commodore 64, he taught himself assembly language so he could write code that would speed up the process. By 14 he was already making money from his programs. “I was selling them to floppy magazines, magazines published on floppy disks,” he says.

The skills he picked up during this period would serve him well. He joined F-Secure (which at the time was called Data Fellows) in 1991, and a year later, he got his first taste of decoding a virus. Back then, viruses were a relatively new phenomenon, and resources for dealing with them were sparse.

“I couldn’t run the virus on a machine to see what it did because we couldn’t spare one. They were too expensive.” Instead, he had to print out nearly 40 pages of code and meticulously go through it line by line, trying to figure out what the program did. The process took about three days – long enough to get him hooked.

Today, of course, computers are cheap, so running viruses isn’t a problem. But Hypponen still uses his reverse-engineering skill in trying to predict new threats. Virus writers are no longer interested in notoriety, he says; these days they are after money. He believes virus writers are now teaming up with spammers and designing viruses that try to evade detection.

So after mobile phones, what could possibly be the next target? Skype, according to Hypponen. The peer-to-peer Internet phone service is an ideal mark for malware writers because it is designed to bypass firewalls.

While he waits to begin his next battle with virus writers, Hypponen directs his passion for reverse engineering toward rebuilding and restoring old pinball machines and arcade games. It is not just about reclaiming part of his youth, he says. It is also about preserving a golden era in computer history. “If no one else saves them, they will disappear.”

Blockchain is changing how the world does business, whether you’re ready or not. Learn from the experts at Business of Blockchain 2019.

Register now
Want more award-winning journalism? Subscribe to Print + All Access Digital.
  • Print + All Access Digital {! insider.prices.print_digital !}*

    {! insider.display.menuOptionsLabel !}

    The best of MIT Technology Review in print and online, plus unlimited access to our online archive, an ad-free web experience, discounts to MIT Technology Review events, and The Download delivered to your email in-box each weekday.

    See details+

    12-month subscription

    Unlimited access to all our daily online news and feature stories

    6 bi-monthly issues of print + digital magazine

    10% discount to MIT Technology Review events

    Access to entire PDF magazine archive dating back to 1899

    Ad-free website experience

    The Download: newsletter delivery each weekday to your inbox

    The MIT Technology Review App

You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.