Cybersecurity has been a major headache for businesses in the 21st century and the post-pandemic era has only made the matter worse. According to a Check Point report, corporate networks in 2021 saw a 50% increase in cyberattacks from 2020, with December touching an all-time high. Online threat agents have come a long way from the phreaking and phishing scams of the 2000s but one way to understand how they work today is to see how they evolved with time. Take a look at a brief history of cybersecurity & IT security and you might find a few surprises. For instance, did you know the earliest hacking could be traced back to the 19th century when French robbers breached the French Telegraph System and crashed the stock market in 1834? Read on to know more.
What was the first cybercrime and what type was it?
From the infiltration of the New York grid of Alexander Graham Bell’s telephones in 1878 to the phone phreakings of the 1950s — all the major attacks in the early days were centered around the telephones. However, things started to change as computers went mainstream. The first concept of a computer virus was put forward by John von Neumann in 1949 but it took 22 years more to actually plant one in computers. In 1971, Bob Thomas released the Creeper on ARPANET, which is an earlier version of the internet. The Creeper malware left bread crumbs everywhere it went, displaying a quote on the infected monitors: “I’M THE CREEPER: CATCH ME IF YOU CAN.” Thomas didn’t have any malicious intent and merely wanted to test the malware. But this stands as the first-ever cybercrime that was carried out.
Ray Tomlinson, the inventor of email, created a software called Reaper that tracked and eliminated the Creeper from computers. Reaper was, in a way, the first-ever antivirus software. However, things really started moving in the 1980s with the first cybersecurity patent for “cryptographic communications system and method.” At the height of the cold war, the US Department of Defense released detailed guidelines regarding cybersecurity & IT security, and the Trojans and antivirus software followed suit.
History of Malware
Malware is a broad term that covers everything malicious on the internet. Apart from the Bob Thomas experiment, one of the earliest cases of malware attack arrived in 1982, when a 15-year old Rich Skrenta deployed a virus on Apple II computers that read
“Elk Cloner: The program with a personality
It will get on all your disks
It will infiltrate your chips
Yes, it’s Cloner!
It will stick to you like glue
It will modify RAM too
Send in the Cloner!”
The Elk Cloner virus could infect floppy disks, but Skrenta only wanted to have fun with his peers.
Fast forward to 1986, another innocent experiment closed people out of their computers, this time originating from Pakistan. Two brothers, planning to sell their medical software license, rolled out the “Brain” malware targeting the users with pirated copies. When a user booted their device, they were greeted with a message and a contact form to reach the brothers.
The next one on the list is the Morris Worm in 1987 which had devastating impacts despite good intentions. Robert Morris released a worm that could replicate itself and spread across devices. He wanted to quantify the reach of the internet and find security flaws. The worm replicated itself beyond Morris’ imagination and it overloaded devices with the first-ever denial-of-service (DoS) attack. The damage lasted for days, and it’s estimated to be as high as $10,000,000. Morris also became the first malware author to be convicted for his crimes.
Michelangelo in 1992 became the most popular virus because of its connection with the Renaissance painter. It was a boot sector virus that targeted DOS-based systems and it was programmed to be activated on March 6, the birthday of Michelangelo. The time bomb virus became a sensation and received global coverage.
Between 1994-1995, the AOL community became famous and the first-ever phishing attack was carried out. The AOHell program created random free accounts and sent automated IMs to ask users to verify their accounts. They used that data to create and sell accounts.
In 1999, the Melissa virus targeted email users to steal data. It infected accounts with a Word doc and forwarded itself to the first 50 Microsoft Outlook addresses. It was one of the fastest and most devastating viruses at that time.
Malware in the 21st century:
ILOVEYOU Worm: It was another virus that spread through emails. In 2001, users received emails with the subject line “ILOVEYOU”, and the virus and its variants affected both consumers and government agencies.
SQL Slammer: in 2003, SQL Slammer became one of the fastest worms by spreading through 75,000 devices within 10 minutes, slowing down the internet for the day.
Mytob/Zotob: In 2005, Mytob blended botnet, backdoor, and worm properties to attack devices with email attachments and by directly exploiting device vulnerabilities. The Zotob variant improved upon Mytob and targeted Microsoft’s flaws.
Flame: In 2012, Flame was one of the most devastating malware that replicated like worms, spied on Skype conversations, and used Bluetooth to catch information.
In recent years, Blue Screen of Death (BSOD) call center scams, Mirai, the IoT botnet, and crypto mining software have kept security experts and businesses on their toes.
History of Ransomware
Ransomware is a type of malware but they’re more unique. The first ransomware attack was carried out in 1989 by Joseph Popp. Popp was an AIDS researcher who distributed malware on 20,000 floppy disks to other researchers at a WHO convention. The malware became active after the device was booted 90 times and demanded a total payment of $567 to access it.
Around 2005-2006, ransomware became more rampant and advanced. The Archiveus Trojan and GPcode attacked My documents folder and spread through fake job applications to hold user data hostage. The first decade saw gradually evolving malicious agents encrypting parts of a computer and requiring payments for access. But in 2013, CryptoLocker took ransomware to a different level.
CryptoLocker infiltrated devices through emails, rewrote all the files, and encrypted them. CryptoLocker 2.0 first started asking for payment through Bitcoin, ushering in the age of crypto frauds. CryptoLocker made almost $30 million in the first 100 days.
In the next few years, different variants of crypto-focused ransomware were released including CryptorBit, SynoLocker, Cryptoblocker, Chimera, and versions of CryptoWall. They exploited Group Policy settings, Java vulnerabilities, email attachments, and video games and used Tor and Bitcoin to extract money.
In 2017, WannaCry became the most popular and devastating ransomware that impacted millions of devices across continents by using EternalBlue, leaked by the NSA. Following the attack, Petya, Goldeneye, and NotPetya improved upon the flaws of WannaCry to cause more damage.
In recent years, big-game hunting has started targeting businesses and large organizations with coordinated ransomware attacks. Along with that, double extortion and ransomware-as-a-service have posed serious challenges to businesses and security advocates.
A history of Cybersecurity software
The rise of cybercrime also gave rise to cybersecurity software. It all started in 1987 when the Brain malware impacted John McAfee’s computer. He not only removed the virus from his computer but also decided to help others. McAfee founded McAfee Associates and launched the first antivirus, VirusScan.
The same year Ross Greenberg released FlushShot Plus and Erwin Lanting launched Anti4us software to detect viruses. In 1988, Czech security firm Avast released the Avast Antivirus application. Avast also launched Avast SecureLine VPN soon. Symantec released their first-ever Norton AntiVirus in 1992, creating a competitive cybersecurity & IT security landscape. In 1997, Eugene Kaspersky formally founded Kaspersky, after developing security tools for almost a decade, along with Natalya Kaspersky, Alexey De-Monderik, and Vadim Bogdanov.
In 2001, Softwin founder Florin Taples created Bitdefender, which replaced the company’s older Antivirus expert (AVX). Cybersecurity & IT security tools have evolved along with cybercrimes. Even if you have a robust security system in your company, it’s important to train employees on security and be aware of new developments. If you would like to strengthen your security infrastructure, get in touch with us.