The History of Cybersecurity
Learn about key events and developments in the escalation of cyber attacks and cybersecurity since the beginning of the internet.
- Antivirus software
- Attack surface
Brilliant hackers of both the black-hat and the white-hat varieties face off against each other every day, with one side trying to steal information or crash computer systems and the other trying to stop them.
How did we get here? To understand the current cybersecurity landscape, let’s take a look at the history of cybersecurity.
1969—The Nucleus of the Internet
The internet came into being as the end result of many technological developments over a number of years, but the core of what could come to be the internet was ARPANET, a computer network designed and funded by the Pentagon’s Advanced Research Projects Agency. The first ARPANET message was sent on Oct. 29, 1969, paving the way for more robust computer communication—and greater vulnerability.
1971—Creeper: The First Worm
Software developer Bob Thomas, one of the few IT professionals working on computers that were connected to the fledgling ARPANET, had an idea: What if you could write a computer program that used the ARPANET network to move from one computer to another? To test his idea, he wrote a program that used PCs on the network to print out a simple message: “I’m the creeper; catch me if you can.”
The Creeper, as this program came to be called, didn’t install itself on the PCs it used; after it printed its message on one machine, it disappeared from that one and moved on to another. This was the first time a program had moved from one computer to another without manual intervention by a human—quite a feat in 1971. Thomas’ playful experiment did no damage, but in retrospect we can now say he invented the first computer worm.
1973—Reaper: The First Cybersecurity Program
Fittingly, the advent of the first computer worm gave rise to the first cybersecurity effort to track down and eliminate an unauthorized program. Ray Tomlinson—an ARPANET researcher who invented the first networked mail messaging system—developed a program named Reaper, which scoured ARPANET to find and delete the Creeper worm.
ARPANET began requiring its users to conduct all network communications via a set of transmission control protocol/internet protocol (TCP/IP) conventions. TCP/IP became the global standard for network communications, allowing networks all over the world to communicate easily with each other and giving rise to the Internet.
1987—Virus, Meet Antivirus
The Vienna virus, which spread in the late 1980s, destroyed random files on computers it infected. A simple virus with many known variants, it never did much damage and probably wouldn’t have become famous except for one thing: When German computer researcher Bernd Robert Fix received a copy of Vienna, he wrote a program that neutralized the virus’ infective and destructive capabilities, making Vienna the first virus known to have been destroyed by an antivirus program.
This was also the year when some of the first antivirus companies were founded, such as McAfee Associates, the creators of McAfee, the first commercially marketed antivirus software.
1988—Internet Under Attack
Robert Morris, a 23-year-old graduate student from Cornell University, created and released several dozen lines of code that constituted the first Internet worm. The malware replicated wildly, infecting and crashing about 10% of the 60,000 computers connected to the internet and causing millions of dollars in damage. Morris became the first person indicted under the federal Computer Fraud and Abuse Act. After serving three years on probation, he became a professor of computer science at MIT.
1990s—The Antivirus Industry Explodes
Microsoft’s Windows operating system achieved massive popularity in the early 1990s, fueling a boom in the PC market—and a corresponding increase in virus activity. The antivirus industry rose to the challenge with products like McAfee, Norton Antivirus and Kaspersky. The primary technique these products used involved scanning all the files in a system and comparing them to a database containing “signatures” of known malware.
This method worked, but it had the chief limitation of being a reactive measure. The antivirus software couldn’t begin protecting users against a piece of malware until the company had obtained a specimen of the malware, isolated its signature and added it to the database. This model also required users to update their installed copies of the antivirus software with the newest versions of the signature file, which consumed significant system resources relative to the narrower bandwidth and slower processor speeds available at that time. The resulting impairment of computer performance caused many users to delay updating their antivirus software, leaving their systems vulnerable.
1999-2000—Viruses and Worms Come of Age
In 1999, New Jersey hacker David Smith created and released the Melissa virus, which distributed itself via email by using Microsoft Outlook. Infected computers would send an email message with the subject line “Important Message.” When users opened the message, the body would read, “Here’s that document you asked for. Don’t show anyone else;).” Below that text was a Microsoft Word document titled list.doc. Opening that document would cause a cascade of events to occur: a barrage of pornography websites would open on the user’s machine, the virus would disable security features in Word and Outlook, and then it would mass-mail itself to the first 50 people in the user’s contact list. Before it was contained, Melissa caused an estimated $80 million worth of damage through disruption of personal, business and government computer operations.
In 2000 the ILOVEYOU worm infected more than 50 million Windows computers by spreading via an email message with the subject line “ILOVEYOU.” The message included an attached file named “LOVE-LETTER-FOR-YOU.txt.vbs.” The .vbs extension indicated that the file was a script in the Visual Basic programming language, but at the time Windows hid final file extensions by default, causing the displayed filename to stop at .txt, the extension for a text file. When users opened the file, the hidden script overwrote random files and sent a copy of itself to all of the addresses in the user’s Outlook contacts. The infection spread so quickly that the Pentagon and the CIA defended themselves by simply shutting down their email systems until the coast was clear.
2000s—Fileless Malware Evades Detection
Another limitation of the standard antivirus model is that it looks for malware by scanning files installed on a computer. That means if you could find a way to transmit malware to a machine without embedding it in a file that gets installed on the target machine, you could fly under the radar of most antivirus software. That’s how the CodeRed worm spread in 2001. CodeRed used a buffer overflow, in which a program that’s writing data to a section of memory called a “buffer” intentionally writes too much data to the buffer. When this happens, the data overflows the buffer’s boundary and overwrites adjacent memory locations. In CodeRed’s case, the overflow data included code for a program that defaced websites, spread itself to other machines and launched distributed denial of service (DDoS) attacks on specific targets, including the White House web server.
2007—A Computer in Every Pocket
Apple launched the iPhone in 2007, giving every user a pocket-sized, internet-connected computer that was at least 100,000 times more powerful view citation than the computer that landed the Apollo 11 lunar landing module on the moon (and got it back to Earth). Smartphones constitute a significant cybersecurity concern because the sheer number of them vastly increases the potential attack surface for a hacker to exploit. Whereas in the past you might have only sent or received email at work or home, now you can do it wherever you have a cellular signal or access to Wi-Fi. Eavesdropping on web activity, stealing stored passwords, phishing attacks—everything a hacker can try to do to you on a laptop or desktop machine, they can try to do on your phone, too.
2010s—Next-Gen Antivirus Puts Artificial Intelligence to Work
In a promising recent innovation, “next-gen” antivirus software uses artificial intelligence (AI) to detect malware without relying on a list of signatures in a database. The AI in next-gen antivirus software looks for malware by taking a broad, holistic view of user behaviors, network traffic and application activity. The AI then extrapolates from that complex and ever-changing set of data to determine whether malware is present and operative in that machine or system. If the software detects malware, it can counteract the threat by blocking application activity, deleting suspect files or restricting user behaviors.
”Your Mobile Phone vs. Apollo 11's Guidance Computer.” RealClearScience. July 2019. View Source
Chapter 03 of 07
Learn about several different cybersecurity technologies that are already in use to protect your passwords, purchases, identities, and communications.