Brief history of cybersecurity and hacking
Nowadays, we’re all very aware of the risks of cybercriminals and hackers. But the practice is actually much older than our naughties era, and even quite a bit older than the 1995 film Hackers, starring Angelina Jolie.
So who was the first hacker in history? Where did hacking originate? And what were the biggest and most infamous computer hacks of all time? We’ll delve into the murky past of cyber criminality to bring you a brief history of hacking.
Where did the term “hacker” originate?
The word “hacking” has been used to describe “cutting in a rough and violent way, often without aiming exactly” since around 1200 B.C., and it didn’t have any association with tech until midway through the 20th Century.
“Hacking” was first used in relation to using technical know-how back in 1955 at a meeting of the Technical Model Railroad Club. In the meeting minutes, it was used to describe how members modified the functions of their high-tech train sets.
Throughout the 1960s, the term became broader to encompass the growing legions of computing enthusiasts. And by 1975, one of the accepted definitions of a hacker by The Jargon File was, “A malicious meddler who tries to discover sensitive information by poking around. Hence password hacker, network hacker.” This was the first time the word was on record as being associated with cybercrime.
Nowadays, the term “hacker” can be used to describe any skilled computer programmer, although it’s usually synonymous with “security hacker." A security hacker uses technical knowledge of bugs or vulnerabilities to exploit weaknesses in computer systems to access data that they otherwise wouldn’t have permission to view. Security hacking is usually illegal and can result in hefty fines or even a prison sentence.
Who was the first hacker in history?
John Draper, also known as Captain Crunch, is often named as the first ever hacker. And rather than having lots of high-tech hacking tools at his disposal, he managed to do it all with a toy whistle from a cereal packet. Here’s how:
Back in the early 1970s, the largest computer network accessible to the general public was the telephone system. And at the time, telephones were managed by an automated system that used specific analogue frequencies to place calls. Draper managed to exploit this using a toy whistle that came free in boxes of Cap’n Crunch cereal (hence the nickname). He would use this to make free long distance and international calls. This technique was known as “Phreaking”.
The first internet hacker
One of the first internet hackers, and certainly the first to gain mainstream media attention, was Robert Morris back in 1989. His was the first “Denial of service” attack in history and it was caused by a worm Morris had developed at Cornell University the year before.
According to Morris, he didn’t intend to cause any harm, but rather to highlight security flaws. But unfortunately, due to a fault in the code, the worm replicated excessively, causing extensive damage that lasted for days.
What was the biggest hack in history?
Data breaches and hacks happen every day. In fact, these occurrences are so mainstream now, it takes something pretty huge to make headlines. And when I say huge, I'm talking millions of accounts being hacked at once.
Here are some of the biggest hacks of all time:
Total accounts impacted: 3 billion
Arguably the biggest hack in history, Yahoo’s epic data breach happened back in 2013, although Yahoo didn’t admit the extent of the problem until 2016. The names, dates of birth, email addresses passwords, and security questions and answers of all 3 billion users were compromised. This included users of Tumblr and Flickr.
2. First American
Total accounts impacted: 900 million
In May 2019, First American Financial Corp., an American real estate and mortgage insurer, revealed that it left a whopping 900 million sensitive customer files exposed.
Although it’s not clear whether any of these files were hacked, there was a lot of very sensitive data left vulnerable to cyberattacks, including Social Security numbers and bank account information.
Total accounts impacted: 500 million
In November 2018, Marriott International announced that someone had gained “unauthorised access” to its guest reservations systems, meaning that 500 million guests could have had their accounts hacked. These accounts had incredibly sensitive data, such as names, passport numbers and credit card details.
And as if this wasn’t bad enough, the breach wasn’t discovered for nearly five years, meaning whoever had “unauthorised access” remained in the system for a very long time.
4. Adult FriendFinder
Total accounts impacted: 412 million
In its second hack of 2016, swinger website Adult FriendFinder announced that as many as 412 million users had their personal information exposed.
5. My Fitness Pal
Total accounts impacted: 150 million
At the beginning of 2018, the usernames, email addresses, IP addresses and encrypted passwords of around 150 million customers were stolen from the popular fitness app. The stolen data was then put up for sale a year later.
MyFitnessPal acknowledged the breach and told customers to change their passwords, but they didn’t share how many accounts were affected, nor did the company give any details on how the attackers gained access to the data.
Total accounts impacted: 143 million
In 2017, Equifax announced that the personal data of as many as 143 million people had been compromised. Given that Equifax stores the credit histories of millions of American citizens, there was a lot of very sensitive information at risk of being stolen.
7. Capital One
Total accounts impacted: 100 million
Last year, a hacker by the name of Paige Thompson was accused of breaking into a Capital One server and gaining access to a wealth of digital data. This included Social Insurance and Social Security numbers, bank account numbers and credit scores and limits, as well as names and addresses. In total, more than 100 million Capital One customer accounts may have been compromised.
The History of hacking: a timeline
- The first email is sent on ARPANET. Ray Tomlinson creates the standard email addressing system using “@”to separate the username from the domain address - a format we still use today.
- John Draper hacks phone systems to make free long-distance and international calls.
– Bill Gates and Paul Allen found Microsoft.
– Apple Computers are founded.
- Robert Morris unleashes a worm that slows down internet speeds and causes significant damage to internet speeds and functionality.
- In the first known ransomware attack, Joseph Popp uses floppy disks to distribute malware in order to extort money.
- The “Unauthorized access of your computer system” act was passed in the UK, making any unauthorized access of a computer system illegal.
- The contemporary Secure Sockets Layer (SSL) was created to encrypt communications between a computer and a remote server.
– The release of Windows 98 leads to cybersecurity becoming mainstream for everyday users.
- Over 10 million Windows users get their emails infected by the “Love Bug," which was the fastest spreading worm in computer history at the time.
- The US Homeland Security Act passes, by which the Department of Homeland Security is created. One of its primary purposes is the protection of cybersecurity.
- Anonymous, the nebulous group of hackers, makes its first moves. This vast network of users often acts to protect the privacy of regular users.
- Anonymous hacks the Church of Scientology website.
- A series of cyberattacks named Operation Aurora are conducted by advanced persistent hacking groups, such as the Elderwood Group. Based in China, the attacks were linked to the People's Liberation Army.
- Yahoo’s mass data breach took place, leading to 3 billion accounts being compromised.
- WikiLeaks publishes private documents from hacked Democratic National Committee emails, having a huge impact on that year’s US presidential election.
I froze my data at all 3 credit bureas & add a fraud alert as well. All of my financial accounts have 2FA added for additional security. And my credit cards that I use frequently have alerts for all charges.
One of my bank credit cards monitors my credit report & alerts me to any unusual activity.
Congress needs to pass laws to protect us. There should be fines for all breaches with minimum compensation ($500-1,000?) & more based on the impact to individuals, to force companies that hold our personal data to notify us immediately, to deploy the latest cyber security measures, and to allow litigation for increased damages. Holders of our personal data should face financial losses if they and/their 3rd party vendods fail to properly secure our data.
Your email address will not be published. Required fields are marked