The history of cybersecurity; a brief walk-around

While walking around the RSA Conference 2020, one thing that most intrigued us was the theme.

"What is the most powerful tool to combat cyberattacks? It’s you," it emphasized. "Your ideas, your creativity, and your knowledge play a huge role in protecting the digital world. That’s why the theme of RSA Conference 2020 APJ- is Human Element" the statement further added.

For years, RSA would tie its annual conference theme to an important event or major development in the cybersecurity domain. And last year they went a little further. And it’s hopefully not just us, the entire community is interested in its history. Therefore, we thought it would be fun to do a quick walk-around on the history of cybersecurity. In this blog, we chronicled some important events that led to what in the present day scenario is called cybersecurity.

As we began researching, we discovered there were several resources regardless of a common platform to retrieve information from. And, as avid fact diggers, or say data miners, or maybe for the reason that we are a cybersecurity firm and historical timelines of attacker behaviour rests in our DNA, we decided to fill the gap.

Cybersecurity, in modern times, is the greatest concern for just about everyone. But, it wasn’t even in the outline when the first draft of the internet was released half a century ago. The only focus was on putting this new networking method to work. Security did not occur to the researchers who had a mutual trust, moreover, it was next to impossible for someone else to access the novice network at that time.

Fast forward to 2021, with the internet being pervasive, technology being widespread, and cyberattacks being prevalent, it’s easy to tell why ignoring the security aspect was a major flaw. Looking back at the milestones we have covered, will reveal the lessons on where we are heading. Below are some key events to help you understand the journey we have undertaken to arrive at the modern day’s point of cybersecurity.

The Creeper Virus- March 1971

Although the idea of a computer virus was given in the 1940s by Mathematician John Von Neumann, we have chosen the 1970s, as it was the first time that a virus was discovered.

It was in 1971(the age of ARPANET) that users were surprised by a message on their computer screens mentioning “I’m the creeper, catch me if you can.” They had no idea of what it was and how it was being displayed.

Creeper was a type of computer virus that was capable of replicating itself and spreading to other systems. Created by Bob Thomas, this worm only displayed messages.

First-ever US Patent- September 1983

As computers began evolving, the competition among researchers, inventors, and tech experts to make history also caught pace. In this process, the first US patent for cybersecurity was filed by MIT for their “Cryptographic Communication System and Method”. This patent was granted under US Patent 4405829 in September 1983 and introduced the RSA algorithm, also known as the “Rivest-Shamir-Adleman Algorithm.”

First DEFCON conference- June 1993

DEFCON is among the most popular cybersecurity technical conferences in the world. It was started by Jeff Moss in June 1993 and the first session was conducted in Las Vegas which was attended by about 100 people. Today, over 20,000 cybersecurity professionals from around the world attend the conference.

SSL2.0- February 1995

SSL expands to Secure Sockets Layer and is an internet protocol that makes sharing private data online safely. Simple things like purchasing something online using your debit or credit card is secured using SSL. It was developed by Netscape after NCSA(National Center for Supercomputing Applications) had released the first web browser.

In February of 1995, Netscape came up with SSL2.0 which became the core of HTML for using the web securely. The URL suffix "HTTPS" that you see, means "Hyper-Text Transfer Protocol Secure" and means that the connection you are using is protected.

Anonymous- October 2003

The first universally known hacking group was named Anonymous. This group was composed of many online and offline users who together existed as an anarchic, digital brain. The “mask” that became the symbol of this group was inspired by the 1980’s novel “V for Vendetta”, where the main character battles against a fascist state while wearing a mask. Originally, the mask belongs to ‘Guy Fawkes,’ an English rebel who became infamous for the Gunpowder Plot of 1605 for King James’ assassination.

Anonymous drew attention when they hacked the Church of Scientology website using distributed DDoS attacks. Despite being linked to numerous high-profile hacking incidents, the main cause is confined to protecting the privacy of the citizens.

Operation Aurora- January 2010

Until 2010, disclosure of information related to security breaches was unusual. However, in January 2010, Google reported a major breach of its infrastructure in China, which changed several perspectives. This breach was called Operation Aurora and affected over 50 companies related to finance, technology, chemicals, media and more.

While what Google perceived as an attempt to access the Gmail accounts of Chinese activists turned out to be an exercise to identify Chinese Intelligence Operatives in the US.

Recent exploits and countermeasures

Data breaches on brands like Yahoo, Equifax, Target, Anthem and more have given rise to a need for stringent regulations and countermeasures in place. The EU GDPR(General Data Protection Regulation) and the new California Consumer Privacy Act (CCPA) are examples of such measures and have raised the bar for compliance.

Cyberspace has evolved into a digital battleground for companies and hackers alike. And to keep up with this, the industry needs to innovate, using advanced machine learning and adopting an AI-driven approach to analyze network behaviour and thus, prevent cyber attacks from taking place. The current times are exciting and looking back at where we’ve come from only helps us predict where we are headed.

 

Citation: https://www.rsaconference.com/apj/the-experience