Living in the 21st century means welcoming the age of data, interlinking with one another enables us to communicate and cooperate in endless ways. We can access data remotely anywhere with just our fingertips, and enrich ourselves with information, however, data can be destructive if used in a malevolent way. As more vital data travels between networks, an increase of international and domestic cyber terrorism has erupted, therefore an urgency to defend and secure any organizations assets is critical now.
Cyber Security wasnt always in demand, it first made an appearance accidentally during a research project conducted by Bob Thomas. Bob concluded it was feasible for a computer program to navigate across a network while leaving a trail behind it. This discovery led him to the creation of his program named Creeper which its sole purpose was to travel across Tenex terminals on the ARPANET (Advanced Research Projects Agency Network the first network to use the TCP/IP protocol) while leaving the message. IM THE CREEPER: CATCH ME IF YOU CAN.
The creator of electronic mail or better known as Email, Ray Tomlinson, was intrigued by this discovery. This keen interest led to him dabbling with the program where it would clone itself, thus creating the first computer worm. As a result, he also created a program that would hunt Creeper and delete its trail, thus the creation of the first anti-virus was born.
During the 70s and 80s majority of computer threats were clear since most of them were from insiders reading documents that they werent supposed to. It wasnt until 1986 when a German computer hacker fully exposed the strength of cyber power as arsenal. The German hacker, Marcus Hess, was able to hack an internet gateway allowing his connection to discreetly navigate ARPANET. This resulted in him hacking mainframes in the Pentagon, and about 400 military computers with the sole purpose to sell classified information to the KGB. Nonetheless he was uncovered by Clifford Stoll whom noticed an encroachment and formulated a technique to expose where the invasion was deriving from. This is considered a turning point in the history of Cyber Security as viruses began to convert themselves from harmless jokingly academic ventures into more serious threats with potentially devasting consequences.
As the network connectivity increased viruses like the Morris Worm almost erased the early stages of the Internet. During 1988, Robert Morris sought to obtain the magnitude of the Internet. By constructing a program which enable it to replicate itself while spreading across networks via Unix terminals. This had perpetual effects on the internet and Robert Morris. The internet slowed down with indescribable damage and Morris was the first person to be charged under the Computer Fraud and Abuse Act. On a more positive side, this led to the development of the Computer Emergency Response Team, which focuses mainly in researching any issues that has the potential to affect the internet in general. After the Morris Worm more harmful viruses started to surface affecting more systems, thus emerging in 1987 the first true anti-virus company. Attackers now are finding new and more complex ways of penetrating networks. For example, lateral movement techniques are a way where hackers can disperse commands, run codes, and expand across networks. Leading to the discovery of EternalBlue it works by exploiting the SMB protocol used in file sharing via networks. In April of 2017, a group of hackers, Shadow Brokers, leaked this to the world which led to a worldwide ransomware attack, WannaCry, a couple of weeks later.
The effect of the ransomware, WannaCry was immense. In a matter of 24 hours, the infection had exceeded over 150 countries and more than 230,000 computers. Although Microsoft knew about this vulnerability for 91 days and patched it. The infection was still able to expose it. Overall, its estimated that roughly 1.3 billion endpoints were infected. Unfortunately, in the United Kingdom this attack handicapped the National Health Service, which resulted in the cancelation of 20,000 appointments and operations, however, its unknown if this caused lives to be at risk due to the cancelations. Each day attackers are introducing different ways of endangering devices some examples are, using PowerPoint to run malicious code, as well as Microsoft Word. Another one is installing trojans in your computer to in order to mine for cryptocurrency, or email spam to deceive the user.