CYBERSECURITY HISTORY: HACKING & DATA

BREACHES

If you’ve spent any time online you have likely encountered some
type of cybersecurity breach, whether it was on a website you use,
someone hacked into your social media account, or you were the
victim of malware on your personal or work computer. At this point,
cybercrime has touched the majority of internet users in one way or
another.

Despite our heavy reliance on the internet, it is still a relatively new

technology. For example, Gen Xers are able to clearly recall a time
when there was no public internet, email or Facebook (although
government and military computers did use an early form of
internet in the 1970s). Many likely even remember the first hackers.
There is a large population of people out there who have seen the
emergence of the internet in their lifetime.

So, when looking at the exponential growth and development of the

internet, cybercrime, and cybersecurity within a fairly short time
span, the whole picture is pretty impressive.

While cybersecurity and computer hacking seem to be talked about

all the time nowadays, it can be surprising to think about how recent
of a development they both really are. You don’t have to go back far
to get to the beginning with cereal whistles and college kids. Since
then, the developments have been advancing at an ever-increasing
pace.

Let’s take a look at some of the more notable incidents in the

history of the arms race between hacking and cybersecurity.

Who was the first hacker?

Technically, the very first cyberattack occurred in France in 1834.
Two thieves stole financial market information by hacking the
French Telegraph System. There were other “hackers” who emerged
over the years to disrupt phone service and wireless telegraphy, but
it wasn’t until 1940 that things got really interesting.
In 1940, Rene Carmille became the first ethical hacker. He was a
punch-card computer expert and member of the Resistance in
France during the Nazi occupation. He owned the machines that
France’s Vichy government used to process information. He
discovered that the Nazis were using the machines to track down
Jews, so he offered to allow them to use his machine. They took the
bait, and he then used that access to hack them and disrupt their
efforts.

In 1962, the first computer passwords had been set up by MIT to

limit students’ time on the computers and provide privacy for their
computer use. Allan Scherr, an MIT student, created a punch card
that triggered the computer to print all the passwords in the system.
He then used them to get more computer time and distributed them
to his friends, as well. They also hacked into their teacher’s account
and trolled them by leaving taunting messages.

The first computer virus is believed to have been used in 1969 at

the University of Washington Computer Center. A person who has
never been named installed a program that came to be known as
“RABBITS Virus” on one of the computers. The program began
replicating itself until it overwhelmed the computer causing it to
shut down.

Kevin Mitnick is often referred to as the first cybercriminal. From

1970 until 1995, Mitnick managed to access some of the most
guarded and secure networks in the world, including Motorola and
Nokia. He used complex social engineering schemes that tricked key
personnel in the companies into providing him with passwords and
codes which he used to penetrate the internal computer systems.
He was arrested by the FBI and faced a number of federal charges.
After prison, Mitnick became a cybersecurity consultant and author.

What was the start of cybersecurity?

Cybersecurity history is interesting indeed. It is thought to have
started in 1971 when Bob Thomas, a computer programmer with
BBN, created and deployed a virus that served as a security test. It
was not malicious but did highlight areas of vulnerability and
security flaws in what would become “the internet.”
The virus, named after a Scooby Doo villain, “Creeper,” was
designed to move across ARPANET (Advanced Research Projects
Agency Network) – the forerunner to what we now call the internet.
ARPANET was established by the U.S. Department of Defense.

Thomas created the computer worm to be a non-harmful self-

replicating experimental program. It was intended to illustrate how
mobile applications work, but instead, it corrupted the DEC PDP-10
mainframe computers at the Digital Equipment Corporation,
interfering with the teletype computer screens which were
connected. All the users could see on the screen were the words
“I’m the creeper, catch me if you can!”

In response, Ray Tomlinson, Thomas’ colleague created the Reaper

Program. It was similar to the Creeper. It moves through the
internet, replicating itself, and finds copies of the Creeper. When it
locates the copies, it logs them out, so they are rendered impotent.
The Reaper was the first attempt at cybersecurity – the first
antivirus software program.

What is the importance of cybersecurity in the modern

internet age?
Cybersecurity is big business these days, especially now that the
internet is a major part of our everyday lives and most businesses,
as well as governmental agencies, rely on it for everything from
record storage to operations. Cybersecurity professionals are
employed or contracted with most corporations and government
agencies and a majority of mid-to-large sized businesses. It has
become a necessity. As the internet has grown so, too, have the
threats.

Cybersecurity helps protect individuals, businesses, and

governments from people who seek to gain access to systems
illegally and create havoc through:

 Viruses
 Phishing
 Man in the middle attack
 Password breach
 Denial of Service attack
  SQL Injection
 Ransomware

These attacks can destroy computers and digital devices like tablets
and smartphones. They can deceive people into giving out their
login information that impact financing, work, email, and other
sensitive areas. They can invade a system and steal information,
including people’s identities, which leads to identity theft.

Cybersecurity professionals are the rockstars of the computer

world today. There are many different positions in the field and can
be found in businesses, voluntary agencies, government agencies,
and for individuals. They can work as:

 Ethical hackers
 Source code auditors
 Security architects
 Computer crime investigators
 Security consultants
 Cryptographers
 Security analysts

Students entering computer science programs who are interested in

cybersecurity have plenty of opportunities in a variety of areas.

When did ethical hacking start?

The term “ethical hacking” was first used in 1995 by John Patrick,
IBM Vice President. The practice had already been around for
decades, but Patrick gave it a name and a platform.

Hacking didn’t always have such negative connotations. In the

1960s, engineering students used the term to indicate various
methods of optimizing machines and systems to increase their
efficiency. In fact, early hacking was more in line with ethical
hacking.

By the 1980s and into the 1990s, personal computers became more
popular and more widely used. Computer programs were used to
store confidential records and personal information which caught
the interest of hackers with not-so-great intentions.
These “black hat hackers” became digital trespassers and thieves.
They used their hacking skills to access private computers and
destroy records, access financial accounts, steal data, and blackmail
businesses into paying massive sums of money.

White hat hackers emerged to combat the nefarious intentions of

black hat hackers. These ethical hackers act as security specialists,
exploring the system to identify security holes and areas that are
vulnerable to hacking.

There are also grey hat hackers, a blend of ethical and unethical
hackers. This type of hacking is typically done at the national level
for the security of government agencies.

Today, there are certification programs for ethical hacking. It has

become a very big business in the computer world.

What is the largest data breach so far?

The biggest data breaches in history have occurred since 2005. As
businesses and governments made the move from paper to digital
records and information, data breaches increased in frequency and
intensity.

In 2005, the Privacy Rights Clearinghouse reported 136 data

breaches. Since then, more than 4,500 data breaches have been
announced publicly. However, experts estimate that the numbers
are actually much higher.

To date, the award for the largest data breach of all time goes to
Cognyte. They reported a data breach was in excess of 5 billion
records. Over a four day period, the database was exposed, leaving
5,085,132,102 records vulnerable that contained information
including:

 Name
 Email address
 Password
 Data source

The sources of data included Canva, MySpace, Tumbler, Zoosk,

Rambler, Appen, MGM, and more.
What is the future scope of cyber security?
Experts looking ahead at the future of cybersecurity have some
sobering warnings. Cloud computing will become an increasing
target for hackers. It also looks like passwords aren’t going
anywhere even though there has been talk of alternatives that are
less of a risk and more effective in securing systems. AI tech is also
expected to continue its incredible growth and become a key
component in cybersecurity, especially in securing sensitive
information like healthcare records.

Unfortunately, data breaches are expected to continue to increase.

This is unsettling to say the least, especially when considering the
growing reliance on computer systems to store data. Some experts
say that not only will the breaches be more prevalent, they will be
more devastating.