Let’s face it, cybersecurity now has to be a major point of emphasis for the modern business. With the immense amount of threats out there, cybersecurity it has grown into a multi-billion dollar a year industry, with no limit in sight. Just a few decades ago, there was no fileless malware, no ransomware, no botnet army lying in wait to DDoS corporate data centers into oblivion. Today, we take a look at the brief (albeit rapidly growing) history of cybersecurity.
The beginning of cybersecurity started as a research project. One man realized that it was possible for a single computer program to move across a network, but leave a trail behind. That’s when he decided to write the code that became the “Creeper”. Sure enough, the Creeper worked and traveled between Tenex terminals on the old ARPANET leaving a message “I’M THE CREEPER : CATCH ME IF YOU CAN” behind.
When Ray Tomlinson, the inventor of e-mail, saw this, he changed the code to make it self-replicating. This was, in effect, the first computer worm. Tomlinson then wrote a code called “Reaper” that chased down the replicating Creeper code and deleted it. This was the invention of antivirus software.
Cybercrime started in a time before the personal computer. In a time when networking was brand new, most connected computer terminals had no security at all. This came to the attention of Soviet hackers who used code created by academics to infiltrate and steal information off of insecure computing networks. This came to the forefront in 1986 when German hacker Marcus Hess hacked an internet gateway hosted at the University of California at Berkeley. He used a connection to that system to hack into 400 computers connected to the ARPANET, including mainframes at the Pentagon. For his efforts, he was caught, tried, and convicted, landing a 20-month suspended sentence.
Around the same time this was happening, the personal computing boom had started and computer viruses were starting to be developed at a dizzying rate. As more people connected to what was now called the Internet, viruses were becoming a major problem.
The late 80s and early 90s saw cybersecurity first become a priority. The Computer Fraud and Abuse Act (CFAA) was passed and companies were beginning to create very simple antivirus programs. The urgency was dialed up in 1988 after a software engineering student at Cornell University, Robert Morris, wanted to test to see just how big the Internet was getting. He wrote a program that was designed to spread across the web, get into Unix terminals, and replicate. This research project failed miserably as the code replicated so quickly that it actually slowed the Internet to a crawl and caused immense damage. “The Morris Worm”, as it was called, led to the formation of the Computer Emergency Response Team (what is known today at US-CERT). Morris, who is now a longtime professor at MIT, became the first person convicted under CFAA and received three years on probation, 400 hours of community service, and a $10,050 fine.
The Morris Worm situation not only woke up the security industry, it woke up hackers. Viruses, worms, and other forms of malware were being developed so quickly that it was impossible for security measures to work. In the early 1990s antivirus began to be developed with the design to thwart malicious code. By the time the Internet was entering homes in the mid-90s, there were already several antivirus vendors. Antivirus programs scanned the binary information on a computer and tested it against a database of individual virus code signatures. The software did a decent job of keeping viruses off of computers, but as you might expect, they found a lot of false positives. They also had a tendency to use a lot of a system’s resources to scan for viruses, leaving a computer inoperable, or frustratingly slow; something that people using commercial-grade antivirus can sympathize with.
Where there are people, there are going to be thieves. As more and more people joined the “World Wide Web” the number of different types of attacks grew. By 2007, there were nearly five million different malware strains, a number that is almost cute today. By 2015, half a million different strains of malware were being created each day.
Security began to lag behind. Antivirus couldn’t keep up with the constant stream of malware that was being created. Computers simply didn’t have the processing power to scan that fast. Over time this led to innovations in cybersecurity. Endpoint protection platforms (EPP) were developed that didn’t waste time scanning for specific code, it found common denominators in the code of all the malware and searched for that. Security was enhanced, but threats kept being developed.
This whole thing was flipped on its head with the deployment of WannaCry. WannaCry was, a ransomware, the most devastating piece of malware ever deployed. WannaCry was such a huge surprise to security professionals because the vulnerability it took advantage of was patched by Microsoft.
WannaCry worked by encrypting data and locking it away from the user. The hacker then forces the owner of the computer to pay (in Bitcoin) to get access to those files. This signaled a hard turn in the cybersecurity industry. If hackers are going to be able to deploy threats like this (or worse), it is crucial that the strategies used to ward people, resources, and data from this type of cybercrime are effective and understood. Security professionals now have developed what is called Endpoint Threat Detection and Response (EDR) services to proactively monitor systems to ensure they are not lousy with malicious code. Today, EDR solutions are the cutting-edge tool used by professionals keeping malware and other threats off of your network.
The combination of vigilance and automation are giving cybercriminals a run for their money. Unfortunately, that’s exactly what the hackers are after; and, they aren’t doing poorly. Hackers siphon at least $1.5 trillion in profits each year off the world economy. In fact, some analysts have predicted that damages from cybercrime will reach $6 trillion by 2021. Now cybersecurity is a $200 billion a year industry. Even so, security breaches are up by 67 percent over the past five years.
Today the biggest threat comes from phishing attacks. A phishing attack is a social engineering strategy designed to gain access to a secure computing system by tricking end users into providing access. The main problem with phishing, apart from the millions of messages hitting email and social media inboxes every day, is that most people that have been successfully phished have no idea until something dramatic happens. Phishing results in billions of records being compromised every year.
If you would like to know more about cybersecurity, or if you are just interested in keeping your business’ data and network safe, call KT Connections today at 605-341-3873.