Advanced Cyber Security

You are here: SecPoint Cyber Security News

A Complete History of Cyber Security

History of Cyber Security

Unless you've been living under a rock for the past three decades or so, you've heard all about cyber security and cyberattacks. 

It's one of the hazards of our connected, plugged-in, internet-savvy age. And cyber security comes with a host of exotic terms—like "hackers," "viruses," "ransomware gangs," and "DDoS attacks." 

But have you ever heard of "phreaks," "Creepers," and "Reapers?" Turns out these strange terms emerge from the weird annals of cyber security history. And the road to modern cyber attacks is a long and strange one indeed. 

Learning about the history of cyber security is important to understanding how computer attacks came to be, and how technology has changed to prevent them. So let's take a look at a cyber security history timeline, and see just how cyber attacks and cyber security have changed over the decades. 

The Internet Age

The internet has altered modern civilization in ways that are difficult to fully imagine. 

It's hard to even remember a time when the world's collective knowledge wasn't at your fingertips. Or when a global marketplace wasn't accessible to virtually every human being. 

But despite the manifold benefits of the internet, it's also safe to say that it constitutes the single greatest threat to privacy in the history of mankind. 

Internet History: Security and Privacy

In simple terms, the internet is a protocol designed to assign specific addresses to computer devices and connections on a communications network. 

Now, that's a fancy way of saying what we all know—the internet is a sophisticated communications network. It grew from simple telephone landlines to a vast, globe-encompassing mesh that includes wireless radio networks. And there are even plans to extend this network into the further reaches of space. 

The internet is a public communications system. This means the information transmitted over this system is vulnerable to attack. And as the volume and sensitivity of transactions on the internet increase, so do the opportunities for data breaches and information theft. 

There's nothing physical about the internet—it's as intangible as the TV and radio waves that suffuse the world around us. It's not a thing that you can hold in your hands; rather, it's what allows certain things (computers, smartphones, etc.) to talk to one another. 

In the days of ancient history (i.e., the seventies and eighties), or what might be considered B.I. ("Before Internet"), computer networks were rare. They were strictly the preserve of large governments, militaries, corporations, and institutions with sufficient resources. 

They were also quite primitive. Accessing a network was a lengthy, complicated process. You were either logged into a device connected to the network, or you hooked into it via a modem. Plus, you had to dial each network directly, and wait for a connection. 

Accessing another network meant having to go through the process all over again. 

Internet Protocols

This was a situation that couldn't continue forever. 

So, the internet adapted, with the creation of the TCP/IP system. TCP stands for "Transmission Control Protocol," and IP stands for "Internet Protocol." And the introduction of these measures also introduced new opportunities for cyber security breaches. 

The creation of internet protocol addresses made it easier for connected devices to locate and identify each other. However, the other side of the coin is that in order to do so all the addresses must be mutually visible. 

And this raises major privacy issues. After all, such widespread visibility makes it difficult to shield networks and devices from prying eyes. This was a situation that was unacceptable. 

First, you've got the sheer "leakiness" of the whole setup. All your dirty laundry is aired in public, on public communications lines. These lines are traceable and hackable and offer virtually no security. 

So, this is where a new solution arrived on the scene. A VPN, or "virtual private network," is a secure connection on a public network. A VPN server can be run by any network operator with sufficient resources to establish one. Furthermore, a tunneling protocol can help solve the visibility problem by creating hidden connections and favoring VPNs. 

Best of all, the data transmitted on VPNs is encrypted. Even should the protections fail, the encryption measures render the recovered data useless. 

The History of Cyber Security

Now, that's a (very) brief overview of the development of the internet. In a nutshell, it went from having no security measures to having a number of defensive options. 

But why was cyber security even an issue? What was going on that rendered internet systems and computer networks vulnerable in the first place? 

As it turns out, there were a number of threats emerging in lockstep with the development of the internet. And so before the internet was even a twinkle in Al Gore's eye, some bad apples were laying the groundwork for hacking and cyber attacks. 

To understand how cyber security and cyber attacks have reached their current stage, we need to go back to the beginning. Way back, as it happens…all the way to the forties, when the world was just emerging from the most devastating conflict in human history. 

1940s: The Beginning

The 1940s saw a rapid expansion in the evolution of computing technology. 

Much of this was driven by the Second World War, during which the Allied and Axis powers strove for dominance in the computer realm as much as in the battlespace.

Innovative computing devices arrived in rapid succession. Among these early computers was the German Z3, the British Bombe, the Bell Labs Relay Interpolator, and the Colossus of Bletchley Park. 

By the end of the decade, giant room-sized computers like the Mark 1, ENIAC, and the Selective Sequence Electronic Calculator (SSEC) had ushered in the computer age. However, these computers were isolated monstrosities. None of them was networked, and security was a cinch. 

But the Hungarian scientist Jon von Neumann was already lecturing about "self-reproducing automata," which many believe laid the groundwork for self-replicating computer programs—computer viruses, by another name. 

1950s: Getting Phreaky

It's important to remember that internet technology is as much about telecommunications as it is about computers. 

And that means telephone lines and switchboards and transcontinental phone lines. These things predate computers by a considerable amount of time. And early "hackers" have been experimenting with ways to hijack these systems for almost as long. 

This brings us to the late 1950s when a strange phenomenon called "phone phreaking" became popular. Phreaking is somewhat of a lost and forgotten art these days, which is a great shame. 

Phone phreaks were basically the 1950s version of present-day computer nerds and amateur hackers. They were teenagers and other ne'er-do-wells with a lot of time on their hands. And they often spent that time exploring the telephone network—hacking it, in other words. 

This was pretty low-tech stuff. It involved careful listening in on phone lines, to detect the clicks and beeps that signaled the routing systems of telephone operators. Or they pored over dense, unreadable technical journals put out by telephone companies. 

It was a lot of effort for the sake of a free phone call. Nevertheless, the phone phreaks are unquestionably the granddaddies of today's more sophisticated hackers.

And as is often the case, cyber security measures greatly lagged the development of cyberattacks. To the chagrin of the phone companies, phone phreaking was never suppressed. It only died off in the 1980s, as technological priorities shifted.

1960s: A Decade of Changes

Even in the sixties, computers remained largely as they had always been. 

They still consisted of gigantic mainframes, complex pieces of technology that were the size of entire rooms. These machines were not the sort of thing that just anyone could access. 

They were the property of large businesses, universities, military installations, or government institutions like NASA. They were huge, expensive, difficult to operate, and liable to mechanical failure. 

These computers were isolated creatures, not so many nodes in the connected internet constellation that they are today. But that doesn't mean that cyberattacks—or at least their distant ancestors—didn't exist. 

The sixties was, in fact, the decade in which hacking got its shaky start. The very term "hacking" emerged from MIT's Tech Model Railroad Club, which evolved into the school's Artificial Intelligence Laboratory, if you can believe it.

The members of this club hacked their toy train sets to tweak and enhance their capabilities. Afterward, they graduated to "hacking" more sophisticated computers, in order to innovate and explore. 

Of course, this had nothing to do with true cyber attacks and cyber security. It's closer to what's known as "ethical hacking," and is meant to improve computer systems. Unlike today's financial and geopolitical motivations, the hacking involved here was purely utilitarian. 

ARPANET

But we can't move on from the Swinging Sixties without looking at one development that's seminal in the history of cyber security. This event occurred on October 29, 1969, when the first message was sent over ARPANET. 

ARPANET, the Pentagon's Advanced Research Projects Agency Network, was the precursor to the internet. The initial message was meant to be "login," but only "lo-" was sent before the system crashed. 

Still, the full message was sent an hour later, and the world would never be the same. A permanent ARPANET link was established a few weeks later. In 1975, ARPANET was fully operational, and the Defense Communications Agency assumed control of the network. 

ARPANET was finally decommissioned in 1990—but by then it had already changed the world. It was the beginning of internet history. 

1970s: A Cyber Security Revolution

With the establishment of ARPANET, we have the antecessor of the internet. And that means the beginnings of computer worms, viruses, and cyber security countermeasures. 

The creation of the first self-replicating computer virus was a big deal. It was the brainchild of one Bob Thomas, a computer researcher with BBN Technologies. Of course, it wasn't his idea to create malware—he was just testing the limits of computer software. 

The year was 1971, and the "virus" was called "Creeper." It was a self-reproducing program designed to travel throughout the ARPANET system and copy itself in the different nodes. It left a trail wherever it went, with the message "I'm the Creeper: catch me if you can." 

It was perfectly harmless and didn't constitute malware in any real sense. Nevertheless, the hunt was on, and there were those who could and did catch the Creeper. 

As day follows night, so the first virus led to the first antivirus. This was a program called "Reaper," and it was created in 1973 to chase down Creeper and delete it from ARPANET's network. 

Some say Reaper was created by Bob Thomas himself, as a belated attempt to control the Creeper. Others think that's giving the mischievous programmer far too much credit. They say it was created by Ray Tomlinson, who years later would invent email. 

Either way, the question of who invented the first antivirus must remain unanswered. 

Growing Concerns

The great Creeper-Reaper saga of the early seventies, though humorous on the face of it, belied growing cyber security worries. 

Although these early programs were only intended to explore the limits of computer systems, the decade saw increasing discussions of the possibility of cyberattacks. There was an uptick in the number of academic papers concerned with the (at the time) theoretical aspects of potential cyberattacks and infiltrations. 

By the mid-1970s, the Advanced Research Projects Agency's Protection Analysis program was enacted to explore computer security protocols. The idea was to identify and assess vulnerabilities in software programs—the beginnings of an obsession that was to consume military agencies in coming decades. 

But the decade went out with a bang: in fact, with one of the first cyber-attacks. This was in 1979 when a callow youth by the name of Kevin Mitnick hacked into The Ark, a computer operated by the Digital Equipment Corporation (DEC). The Ark was used to develop operating systems, and Mitnick copied the company's software. 

It was a cyberattack by any definition, and it earned Mitnick a jail sentence in 1988. It was also the beginning of the era of amateur hackers, crackers, black hats, white hats, and script kiddies. 

1980s: Cyber Security Goes Mainstream

In 1983, the movie WarGames was released, starring Matthew Broderick and Ally Sheedy. 

The film was a box-office success, introducing the "teenage hacker" trope and popularizing the notion of remote computing and early internet technology. Suddenly, through the medium of fiction, the public was very much aware of the dangers of cyber attacks and the need for cyber security. 

Meanwhile, in the real world, actual hackers—like the German Marcus Hess—were infiltrating ARPANET and military computers in the earliest salvos of cyber espionage. The proliferation of cyber attacks led to the development of new countermeasures, crude as they were.

In practice, this meant keeping an eye on the size of files. Sudden and unexpected increases in file sizes turned out to be one of the key indicators of a potential infection. 

By 1987, however, more sophisticated cyber security measures appeared. The first iteration of the NOD antivirus was created in this year, by the Czechoslovakian programmers Miroslav Trnka and Peter Paško. Known as "NOD-ICE," it was a DOS-based program; it has since been replaced by NOD32. 

And in the same year, the British-American computer programmer and businessman John McAfee designed the first commercial antivirus software. He founded McAfee Associates, Inc., to sell the program; the company and its software still exist today, as part of Intel's Security Division. 

1990s: The World Wide Web Is Born

The 1990s is the decade when the internet went mainstream. 

As the millennium came to a close, the world was increasingly linked by a tissue of interconnected computers. And with the expansion of the cyber ecosystem, the number and kinds of viruses and malware exploded. 

At the beginning of the decade, new viruses arrived on the scene. This included so-called "polymorphic" viruses, which used a mutating code to evade detection while retaining the original core algorithm. 

Antivirus software was forced to adapt. At first, antivirus programs merely scanned a system for code that matched a database of viral signatures. Of course, this was both time intensive and diverted a great deal of computing power. 

This led to new cyber security methods. Computer firewalls were first developed, patterned after structural firewalls used to slow the spread of fire. At the same time, heuristic scanners came on the scene. These adaptive programs used generic signatures to seek out even the wiliest polymorphic viruses. 

Email: A New Dimension in Cyber Security History

The 1990s was also the decade that saw the advent of electronic mail, or email. 

Email was a blessing in many ways, and by revolutionizing communication it showed people what the internet could really do. Of course, there are two sides to every coin—and the obverse of this coin was that email was the perfect vehicle for malware. 

One of these was the Melissa Virus, which hijacked Microsoft Outlook email programs to send itself to the first 50 addresses on the victim's contacts list. It was otherwise harmless, but even so, the Melissa Virus managed to gum up the works on the internet and crash email servers around the world. 

2000s: A New Cyber Security Horizon

In the first decade of the new millennium, a true arms race had emerged between cyber attacks and cyber security. 

In fact, never in cyber security history had there been such a struggle. Malware was so sophisticated that downloads were no longer required. A victim had only to visit an infected webpage to be targeted by viral software. 

The appearance of the Zeus Trojan virus in 2008 showed just how dangerous cyberattacks had become. Using key-logging and form-grabbing, the virus snatched banking details and led to $70 million in stolen money. 

But new cyber security measures were keeping pace. The new horizon for anti-malware security involved cloud-based architectures. Offloading antivirus software to cloud computing was a good workaround for the performance problem. 

Furthermore, cyber security was now built into the operating system, forming an added layer of cyber defense. Through the use of regular OS updates, a method pioneered by the Apple ecosystem of products, antiviral software was kept up to date on a regular basis. 

2010s-2020s: Challenges Ahead

By the 2010s, the internet was no longer limited to home computers. 

With the proliferation and evolution of smartphones and mobile devices, the internet was now a part of everyday life. A person's digital, online life was nearly as important as "real" life. Banking, social media, work, even the search for a romantic partner—all of this fell within the digital domain. 

And this meant plentiful opportunities for cyber attacks. Identity theft and ransom attacks became common.

One of the most notorious was the WannaCry ransomware attack of 2017. Victims had their computer files locked, and were forced to pay a Bitcoin ransom in order to unlock them. 

Meanwhile, the nascent 2020s have seen their own share of cyber attacks. The decade has barely begun, but already there has been a sharp increase in high-profile ransomware attacks. 

The most infamous was the Colonial Pipeline breach in April of 2021. The DarkSide group launched this attack, disrupting fuel supplies to the northeastern United States. Colonial Pipeline capitulated, paying the DarkSide network's estimated $4.4 million ransom in Bitcoin. 

Further ransomware attacks have targeted Acer, Kia Motors, and even the NBA. These and other attacks have underscored the growing geopolitical threats that cyber attacks will pose in the coming decade. And these threats are not likely to recede as AI and Internet of Things technologies come into their own.  

But next-generation cyber security measures are evolving to keep up. These include multi-factor authentication, network behavior analysis, real-time protection, and many more defenses. 

Looking Forward From Cyber Security History

The history of cyber security is a long and strange one. 

Computers have changed a great deal since the giant mainframes of the fifties and sixties. And viruses and antivirus software have come a long way since the days of the Creeper and the Reaper. 

And though the challenges have multiplied, some of the best defenses are the oldest in cyber security history. For one thing, never open suspicious emails. For another, always update your antivirus software. 

SecPoint has the tools to keep you safe. We offer vulnerability scanners, firewall VPNs, and much else. Contact us today to see how we can help.