Cybersecurity: A timeline

As we’ve discussed in previous posts, the intricacy, effectiveness and scale of cyber attacks have evolved significantly. However, as cybercrime has become more sophisticated, so has the procedures and security to defend against it. Take a look at the following timeline of cybersecurity in the United States over the past 30 years.

The first computer worm (late 1980s-early 1990s)

The first worm ever distributed via the internet was called “The Morris worm”. It gained widespread media attention and resulted in the first felony conviction in the US under the 1986 Computer Fraud and Abuse Act. The worm was initially written and created by a graduate student at Cornell University named Robert Tappan Morris. It was launched on November 2, 1988 from a computer at Massachusetts Institute of Technology and was the first widespread instance of a denial-of-service (DoS) attack. At the time, the worm had a devastating effect on the internet, both in overall system downtime and in psychological impact on the perception of security and reliability of the internet.

The first viruses (1990s)

In the 1990s, viruses began effecting home computers as email use increased. Notable malware included Melissa (the first widespread email worm) and Kak – the first and one of the very few true email viruses – both in 1999. Also during this time, the macro virus was created and deployed. These viruses took advantage of productivity suite documents which allow computer macros to be embedded within the document for advanced calculations or visual effects

Personal attacks on credit cards and identity (2000s)

In the 2000s, we saw the first serious and impactful data breach of credit card numbers. Between 2005 and 2007, Albert Gonzalez masterminded a criminal ring that stole information from at least 45.7 million payment cards used by customers of US retailer TJX, which owns TJ Maxx, and UK outlet TK Maxx. This is where things became more serious because the data involved in these breaches was regulated by government. Therefore, these incidents required the notification of authorities and for funds to be set aside to compensate victims. During this time, major companies began to realize the severe consequences of being unprotected and began to arm themselves with more sophisticated security systems

The present

In the present era, many have come to realize that cybercrime has become so sophisticated that its ever evolving nature will always make it impossible to prevent. From this realization, the focus has shifted to how an organization responds, as challenging as it may be, once a breach has occurred. While not every incident can be prevented, a proper response plan that is practiced and prepared can go a long way in preventing further damage.

What cybersecurity attacks and prevention plans do you see occurring in the next decade? What can companies do now to evolve with cybersecurity threats? We’d love to hear your thoughts and opinions below!