Every year in October since 2004, governments, educational institutions, and businesses observe National Cybersecurity Awareness Month (NCAM) and raise awareness of the importance of cybersecurity by participating in events, activities, and training. This approach seeks to ensure that all Americans have the resources they need to stay safe and secure online.
But how exactly did cybersecurity start? How did organizations become aware of information security? When and how did these viruses and hackers evolve as well? This blog provides a brief history and evolution of information security. It was the 1960’s when organizations started to secure their computers physically, since there was no networking prior to that time. They were more focused on physical measures and preventing people with enough knowledge to have access, as well as implementing fire safety measures to ensure stored data was protected. During the 1970’s, the history of cybersecurity began with a project by a researcher, Bob Thomas, who created the first ever computer worm, displaying the infected screen “I’M THE CREEPER: CATCH ME IF YOU CAN.” The same year Ray Tomlinson – the man who invented email – created “Reaper,” the first antivirus software that deleted “Creeper.” In 1988, the first denial-of-service-attack incident, which was created by Robert Morris, occurred; he named the worm after himself, the “Morris Worm.” Morris thus wrote a worm program that would propagate across a set of networks, use a known vulnerability to infiltrate terminals, and then replicate itself. Surprisingly, the code made the worm replicate excessively, causing the internet to slow down to a crawl, and the network clogged causing untold damages. It was the Morris worm that triggered the new field of computer security, where people started researching and creating newly evolved worms and viruses. In return, it also led to the rise of firewalls and antivirus solutions to counter these evolving viruses, which happened in the middle of the 1990’s. When the internet became available to the public, network security threats surged. The very first firewall program was created by a NASA researcher to prevent and minimize the spread of viruses. Because of the increasing cyber-attacks at that time, the early 2000’s saw the government passing more serious sentences on cybercrime as compared to the 1980’s, when hackers were given lighter punishments. The early 2000’s also saw the passing of the Federal Information Security Management Act (FISMA), which required every federal agency to have information security. FISMA was part of the E-Gov Act of 2002.
Information security continued to evolve and adapt to the dynamic changes of viruses, and so too the hackers. Overtime, the rise of technology also ushered in the rise of complicated hackers that caused disruptions to large businesses. Major data-breach attacks occurred like Yahoo!’s in 2013-2014 where three (3) billion users’ personal identifiable information (PII) and accounts were compromised. Yahoo! paid a fine of $35 M and lost $350 M in sales. The first “ransomworm,” was the WannaCry virus in 2017, which targeted the Microsoft Operating System and infected over 230,000 computers in just one day.
Fast forward, with the help of our cyber experts and security researchers, Information Security is constantly upgrading and to mitigate and stay ahead of viruses and cyber criminals. But cyber security, as we all hopefully know, is not just an individual responsibility but a shared responsibility by all of us to protect information’s confidentiality, integrity, and availability.
Cybersecurity awareness is one of the many ways that we can participate and help secure networks, which we use every day. Remember, “Safety starts with awareness, awareness starts with you!”
IT Systems Analyst