Was it that before then people simply weren't writing malicious code and nobody even thought about safeguarding against it?
Furthermore, were banks and stuff ever running on OS's without protected memory? Because that ... that would've been awesome in its own little naive way.
People in the finance industry treat C++ like they were abandoned as children in the woods, and C++ brought them to its home, fed them, raised them, and sent them to college. Someone I work with claims that Stroustrup is God.
If you're an exchange or some other data source and you want to compromise a shit-ton of machines, start sending invalid messages to the banks. You will have a botnet in about three nanoseconds.
At that time, it was also much harder for viruses to propagate - they would have to infect files and disks. Also, most IIs were booted from the application floppy and were thus completely stateless: whatever the virus did in the last session would have no effect on the next one.