Cybersecurity History: Hacking & Data Breaches

If you’ve spent any time online you have likely encountered some type of cybersecurity breach, whether it was on a website you use, someone hacked into your social media account, or you were the victim of malware on your personal or work computer. At this point, cybercrime has touched the majority of internet users in one way or another.

Despite our heavy reliance on the internet, it is still a relatively new technology. For example, Gen Xers are able to clearly recall a time when there was no public internet, email or Facebook (although government and military computers did use an early form of internet in the 1970s). Many likely even remember the first hackers. There is a large population of people out there who have seen the emergence of the internet in their lifetime.

So, when looking at the exponential growth and development of the internet, cybercrime, and cybersecurity within a fairly short time span, the whole picture is pretty impressive.

While cybersecurity and computer hacking seem to be talked about all the time nowadays, it can be surprising to think about how recent of a development they both really are. You don’t have to go back far to get to the beginning with cereal whistles and college kids. Since then, the developments have been advancing at an ever-increasing pace.

Let’s take a look at some of the more notable incidents in the history of the arms race between hacking and cybersecurity.

Who was the first hacker?

Technically, the very first cyberattack occurred in France in 1834. Two thieves stole financial market information by hacking the French Telegraph System. There were other “hackers” who emerged over the years to disrupt phone service and wireless telegraphy, but it wasn’t until 1940 that things got really interesting.

In 1940, Rene Carmille became the first ethical hacker. He was a punch-card computer expert and member of the Resistance in France during the Nazi occupation. He owned the machines that France’s Vichy government used to process information. He discovered that the Nazis were using the machines to track down Jews, so he offered to allow them to use his machine. They took the bait, and he then used that access to hack them and disrupt their efforts.

In 1962, the first computer passwords had been set up by MIT to limit students’ time on the computers and provide privacy for their computer use. Allan Scherr, an MIT student, created a punch card that triggered the computer to print all the passwords in the system. He then used them to get more computer time and distributed them to his friends, as well. They also hacked into their teacher’s account and trolled them by leaving taunting messages.

The first computer virus is believed to have been used in 1969 at the University of Washington Computer Center. A person who has never been named installed a program that came to be known as “RABBITS Virus” on one of the computers. The program began replicating itself until it overwhelmed the computer causing it to shut down.

Kevin Mitnick is often referred to as the first cybercriminal. From 1970 until 1995, Mitnick managed to access some of the most guarded and secure networks in the world, including Motorola and Nokia. He used complex social engineering schemes that tricked key personnel in the companies into providing him with passwords and codes which he used to penetrate the internal computer systems. He was arrested by the FBI and faced a number of federal charges. After prison, Mitnick became a cybersecurity consultant and author.

What was the start of cybersecurity?

Cybersecurity history is interesting indeed. It is thought to have started in 1971 when Bob Thomas, a computer programmer with BBN, created and deployed a virus that served as a security test. It was not malicious but did highlight areas of vulnerability and security flaws in what would become “the internet.”

The virus, named after a Scooby Doo villain, “Creeper,” was designed to move across ARPANET (Advanced Research Projects Agency Network) – the forerunner to what we now call the internet. ARPANET was established by the U.S. Department of Defense.

Thomas created the computer worm to be a non-harmful self-replicating experimental program. It was intended to illustrate how mobile applications work, but instead, it corrupted the DEC PDP-10 mainframe computers at the Digital Equipment Corporation, interfering with the teletype computer screens which were connected. All the users could see on the screen were the words “I’m the creeper, catch me if you can!”

In response, Ray Tomlinson, Thomas’ colleague created the Reaper Program. It was similar to the Creeper. It moves through the internet, replicating itself, and finds copies of the Creeper. When it locates the copies, it logs them out, so they are rendered impotent. The Reaper was the first attempt at cybersecurity – the first antivirus software program.

What is the importance of cybersecurity in the modern internet age?

Cybersecurity is big business these days, especially now that the internet is a major part of our everyday lives and most businesses, as well as governmental agencies, rely on it for everything from record storage to operations. Cybersecurity professionals are employed or contracted with most corporations and government agencies and a majority of mid-to-large sized businesses. It has become a necessity. As the internet has grown so, too, have the threats.

Cybersecurity helps protect individuals, businesses, and governments from people who seek to gain access to systems illegally and create havoc through:

  • Viruses
  • Phishing
  • Man in the middle attack
  • Password breach
  • Denial of Service attack
  • SQL Injection
  • Ransomware

These attacks can destroy computers and digital devices like tablets and smartphones. They can deceive people into giving out their login information that impact financing, work, email, and other sensitive areas. They can invade a system and steal information, including people’s identities, which leads to identity theft.

Cybersecurity professionals are the rockstars of the computer world today. There are many different positions in the field and can be found in businesses, voluntary agencies, government agencies, and for individuals. They can work as:

  • Ethical hackers
  • Source code auditors
  • Security architects
  • Computer crime investigators
  • Security consultants
  • Cryptographers
  • Security analysts

Students entering computer science programs who are interested in cybersecurity have plenty of opportunities in a variety of areas.

When did ethical hacking start?

The term “ethical hacking” was first used in 1995 by John Patrick, IBM Vice President. The practice had already been around for decades, but Patrick gave it a name and a platform.

Hacking didn’t always have such negative connotations. In the 1960s, engineering students used the term to indicate various methods of optimizing machines and systems to increase their efficiency. In fact, early hacking was more in line with ethical hacking.

By the 1980s and into the 1990s, personal computers became more popular and more widely used. Computer programs were used to store confidential records and personal information which caught the interest of hackers with not-so-great intentions.

These “black hat hackers” became digital trespassers and thieves. They used their hacking skills to access private computers and destroy records, access financial accounts, steal data, and blackmail businesses into paying massive sums of money.

White hat hackers emerged to combat the nefarious intentions of black hat hackers. These ethical hackers act as security specialists, exploring the system to identify security holes and areas that are vulnerable to hacking.

There are also grey hat hackers, a blend of ethical and unethical hackers. This type of hacking is typically done at the national level for the security of government agencies.

Today, there are certification programs for ethical hacking. It has become a very big business in the computer world.

What is the largest data breach so far?

The biggest data breaches in history have occurred since 2005. As businesses and governments made the move from paper to digital records and information, data breaches increased in frequency and intensity.

In 2005, the Privacy Rights Clearinghouse reported 136 data breaches. Since then, more than 4,500 data breaches have been announced publicly. However, experts estimate that the numbers are actually much higher.

To date, the award for the largest data breach of all time goes to Cognyte. They reported a data breach was in excess of 5 billion records. Over a four day period, the database was exposed, leaving 5,085,132,102 records vulnerable that contained information including:

  • Name
  • Email address
  • Password
  • Data source

The sources of data included Canva, MySpace, Tumbler, Zoosk, Rambler, Appen, MGM, and more.

What is the future scope of cyber security?

Experts looking ahead at the future of cybersecurity have some sobering warnings. Cloud computing will become an increasing target for hackers. It also looks like passwords aren’t going anywhere even though there has been talk of alternatives that are less of a risk and more effective in securing systems. AI tech is also expected to continue its incredible growth and become a key component in cybersecurity, especially in securing sensitive information like healthcare records.

Unfortunately, data breaches are expected to continue to increase. This is unsettling to say the least, especially when considering the growing reliance on computer systems to store data. Some experts say that not only will the breaches be more prevalent, they will be more devastating.

At Monroe College, we have a rich and exciting computer science degree program. Choose from a number of degrees including a bachelor's in computer networks and cybersecurity, computer information systems bachelor's degree, master’s in computer science, and more.

Are you interested in learning more about cybersecurity and computer science degree programs at Monroe College? We have several programs that will help you get started in a career in cybersecurity, whether you are just starting out, want to increase your skill set, or make a career change. Talk with us and request more information, or apply today!