Summary: From malware to hackers to corporate cybersecurity and organized crime, information security has a brief but eventful history. Here we discuss the history of information security and how it has evolved throughout the digital age.
Table of Contents
- How Did Malware Start?
- How Did Information Security Start?
- How Did Cyber Security Start?
- When Did the First Hacker Attack Take Place?
- Cybersecurity in the 1980s
- Organized Crime Gets into the Hacking Business
- Cybercrimes are Recognized in the 2000’s
- Encryption the Power Behind Information Security in the 2010’s
- Cyber Security in the 2020’s
- Three Concepts of Cyber Security
In the digital area, information abounds and is easier to find than ever before. Despite advances in cyber security, criminals seem to be one step ahead creating means and methods to steal information and use it for their own purposes. However, you might be interested to learn how information security is keeping up with these criminal minds. Here we look at the history and evolution of information security and how cybercrime continues to evolve along with changing technology.
How Did Malware Start?
Bob Thomas was the brains behind the first malware. His project was based on the realization a computer program could move across a network leaving trails behind. He created a self-replicating program that became the first computer worm. Today, computer worms’ self-replicating capabilities are used to not just infect computers, but also to remain active on computer systems it has already infected.
How Did Information Security Start?
While most people believe cyber security started back in the 1970s, the concept of information security goes back much further to February 1883. Auguste Kerckhoffs was a linguist and professor of German at HEC. On this date, he published an article in the Journal of Military Science that unwittingly provided a foundation on which all modern cryptography would be based. Kerckhoffs is now regarded as the father of computer security and Kerckhoffs’s principle was at the heart of algorithm creation. He is the originator of passwords and pin codes still so important to information security measures to this day.
How Did Cyber Security Start?
In the 1970s, the true birth of cybersecurity began with a project called The Advanced Research Projects Agency Network (ARPANET). ARPANET was the network developed prior to the internet. It consisted of two networks: 1. ARPANET for researchers and 2. MILNET for military use. MILNET required strong security measures like encryption and restricted access control. However, even in the 1960s computers were at risk due to vulnerable points of access. At this time basic computer security measures were used such as passwords to protect sensitive data.
When Did the First Hacker Attack Take Place?
In the 1970s the internet was still the twinkle in the eye of its creators. Despite there being no global network, large organizations and governments started linking computers using telephone lines. The good old modem made it far too easy to infiltrate computers, and as a result, the first group of hackers was born. They used phone lines to hack into the systems and steal valuable data and personal information. By the 1980s “hacking” became a burgeoning international crime issue. It was time to find security solutions.
Cybersecurity in the 1980s
With hacking on the rise, limited information security systems were unable to keep up with the constantly adapting hacker approaches used to break into computer systems. However, it wasn’t until a small group of teenagers from Milwaukee successfully broke into over 60 military and corporate computers that the seriousness of hacking hit the fan so to speak. Dubbed "the 414s" the teens stole over $70 million from U.S. banks. Governments perked up their ears and realized they had a crisis on their hands. As a result, they started pursuing cyberattacks and hackers as criminals although sentences were light.
Organized Crime Gets Into the Hacking Business
Ever vigilant, organized crime members caught on to the opportunities of hacking. With the introduction of the worldwide web in 1989, they realized people were putting their personal information online. This presented a new revenue source allowing them to create very intricate systems to steal data from people and governments. Although security controls such as firewalls and antivirus programs helped prevent cyber theft, at that time the internet was an unsecured playground for cybercriminals.
Cybercrimes are Recognized in the 2000’s
Since the 414s stole tens of millions of dollars, governments continued to pursue cybercriminals. However, because of the light punishments, criminals didn’t feel they had much to lose and so much to gain. As the problem escalated, governments realized hacking presented many dangers.
Punishments went from the mere five-year sentence the 414s received for stealing millions, to decades by 2010. Despite increased sentences, cybercriminals continued to use their skills to maintain anonymity and successfully infiltrate computer networks and operating systems. Therefore, experts turned their focus on prevention through network security instead of depending on criminals being scared off by the threat of jail time.
Encryption the Power Behind Information Security in the 2010’s
Although data encryption has been around since the 1970’s, beyond the 2010’s data encryption has provided a go-to approach to security to prevent unauthorized access. Encryption scrambles data to make it unreadable to hackers. Encryption can occur at multiple levels protecting not just networks, but individual digital files both in storage and during data transmissions. Organizations implement information security policies to ensure employees follow best practices to deter data breaches of their data management systems and archives.
Cyber Security in the 2020’s
According to Forbes, we need to look at the threats posed by ransomware, which continues to provide a payload to cybercriminals. More proactive malware detection is the best way to protect cloud-based data, using advanced behavioral analysis and machine learning. As well, we need to close the skills gap between cyber security experts and cybercriminals who continue to remain out front in tech advancements.
Three Concepts of Cyber Security
There are three basic security concepts applied to protect information:
- Loss of Confidentiality: When information is read or copied by a hacker it creates a loss of confidentiality. This is very serious for various types of information from research data to medical records and product specifications to ecommerce payment records. Companies, governments and institutions are obligated to protect the privacy of individuals.
- Loss of Integrity: Insecure networks and frequent access to information by various parties puts data at risk for loss of integrity. When data is altered, and the changes are unauthorized critical information is put at risk. Regardless of whether changes are intentional or by accident, the slightest change can lead to catastrophe, from medical records being sent to the wrong person, to money being deposited into the wrong account.
- Loss of Availability: The loss or erasing of critical information results in loss of availability. This negatively impacts organizations requiring information across all industries from governments to educational institutions and from businesses to network-based services.