Virus Hunter

Mikko Hypponen defends the Web against mischief.

Who would have thought a youth misspent playing Space Invaders and Donkey Kong could prepare you for the real world? Certainly not Mikko Hypponen’s father, who, seeing no future in computers and frustrated by his son’s obsession with them, sometimes resorted to desperate measures. “He removed the fuse in my bedroom to turn the electricity off, just to get me to come to the dinner table,” says Hypponen.

But as it turned out, the hours spent taking on alien invaders served as training for battling an altogether different kind of assailant: computer viruses. Hypponen, now the chief research officer of the Finnish computer security firm F-Secure, has become one of the most respected virus hunters in the business.

He and his team were on the front line during outbreaks of Slapper–a worm that affected tens of thousands of computers in 2002 by exploiting a vulnerability in Linux Web server software–and Sobig.F, a worm that at its peak in 2003 was lurking in one of every 17 e-mails. He is also credited with being the first to warn about the May 2004 outbreak of the Sasser worm, which infected hundreds of thousands of computers across the globe–stopping train traffic in Australia, delaying Delta flights in the United States, and paralyzing Taiwan’s national post office.

But where Hypponen really shines is in predicting new threats long before they occur. He warned of the possibility of document-infecting macroviruses, such as the infamous Melissa virus, in the early 1990s, two years before they started to appear, and he predicted mobile-phone viruses several years before the first one struck.

Hypponen doesn’t attribute his skill at tackling malware to video game-honed strategies per se, but rather to the fundamental knowledge of computers that he developed in his teenage gaming years. Frustrated by how long games took to load on his Commodore 64, he taught himself assembly language so he could write code that would speed up the process. By 14 he was already making money from his programs. “I was selling them to floppy magazines, magazines published on floppy disks,” he says.

The skills he picked up during this period would serve him well. He joined F-Secure (which at the time was called Data Fellows) in 1991, and a year later, he got his first taste of decoding a virus. Back then, viruses were a relatively new phenomenon, and resources for dealing with them were sparse.

“I couldn’t run the virus on a machine to see what it did because we couldn’t spare one. They were too expensive.” Instead, he had to print out nearly 40 pages of code and meticulously go through it line by line, trying to figure out what the program did. The process took about three days–long enough to get him hooked.

Today, of course, computers are cheap, so running viruses isn’t a problem. But Hypponen still uses his reverse-engineering skill in trying to predict new threats. Virus writers are no longer interested in notoriety, he says; these days they are after money. He believes virus writers are now teaming up with spammers and designing viruses that try to evade detection.

So after mobile phones, what could possibly be the next target? Skype, according to Hypponen. The peer-to-peer Internet phone service is an ideal mark for malware writers because it is designed to bypass firewalls.

While he waits to begin his next battle with virus writers, Hypponen directs his passion for reverse engineering toward rebuilding and restoring old pinball machines and arcade games. It is not just about reclaiming part of his youth, he says. It is also about preserving a golden era in computer history. “If no one else saves them, they will disappear.” – By Duncan Graham-Rowe
