Cybersecurity is the process of protecting computers, systems, servers and mobile devices from malicious attacks. This security field has become significantly important in the past two decades, with the continuous development of computer systems and the increasing reliance on mobile phones and artificial intelligence.
Initially, the first cyber virus was developed by a developer’s mistake, with no intention to cause harm. However, it didn’t take criminals long to take advantage of such a mistake and work on developing more complex malware to facilitate cybercrime. To keep up with the evolution of cybersecurity and cybercrime, legislation regarding these two fields has also been developing.
In this article, we trace the first cyber virus and the birth of the cybersecurity field up to its importance in our everyday life.
The Beginning of Cybersecurity (the 1970s – 1980s)
By the end of the 1960s, the use of computers began to spread in different sectors. One pressing issue to deal with was the need for many users to access data at the same time. This practice created enormous loading pressure on the networks since neither the computers nor the networks were developed enough to handle a significant number of users at the same time.
Developers designated two processes to regulate user access to data. The first was Period Processing, which gave first-level users access to finish their processes on the network before giving the second-level users access to complete theirs, which meant that each level of users would run their processes for a given time.
The second regulating process emerged by the late 1970s and was called Sub Connections. In this process, a team of users needed to fulfil the first cybersecurity requirements for the next level of functions to take place. This process meant that every level of function was built atop the previous levels, and as the levels increased, the access and complexity of the functions increased as well.
The Invention of the Creeper and the Reaper
During the 1970s, researcher Bob Thomas created the first virus, known as Creeper. He created it to move through the network of ARPANET while leaving a trail as it moved through the network. On the other hand, the inventor of the email, Roy Tomlinson, created another software called Reaper. Reaper was able to track down Creeper over the network and delete it.
The Creeper was the first attempt at creating self-replicating malware, a virus. The Reaper was the first attempt at creating antivirus software which was able to track down and erase the virus. Bob Thomas was later able to create what is widely perceived as the first computer worm, as the programme moved from one network to another without causing any damage.
The Invention of the Commercial Antivirus
There are different claims as to who was the first to create the first commercial antivirus. The beginning goes back to 1987 when four giant companies released their cybersecurity products. Innovators Andreas Lüning and Kai Figge released their first product for the computer line Atari ST. This computer line also received the Ultimate Virus Killer software in the same year.
Three innovative Czechoslovakians created the first version of the now worldwide known antivirus NOD, and John McAfee founded the McAfee cybersecurity company in the US and launched the fourth antivirus software, VirusScan.
How Cybersecurity Evolved (the 1990s – 2000s)
During the 1990s, the internet became available to more significant numbers of people, who, in turn, began to share more of their personal information online. A considerable number of corporations and governments as well started to incorporate the use of the internet in their work environment to facilitate their employees’ tasks. This widespread use of the internet created the ultimate opportunity for cybercriminals to develop their cyberattack skills.
As a result of this rise in cybersecurity attacks, it was imminent to produce cybersecurity software on a larger scale to help protect the increasing amounts of shared data online. By the mid-1990s, antivirus software was exponentially produced as the complexity of cyberattacks continued.
By the 2000s, the involvement of criminal organisations in more professional and consistent cyberattacks meant these attacks became more serious and damaging. Different governments began conducting politically-motivated cyberattacks against rival governments, adding a serious side to cyberattacks. Attacks until then were mainly motivated by profit.
Following a series of damaging cyberattacks during the 2000s and 2010s, world legislators began to pay more attention to criminalising these attacks. Such notorious attacks include the MafiaBoy attack in 2000, the theft of millions of credit card credentials and information in 2009 and the cyberattack on Google China in 2009.
The Computer Fraud and Abuse Act in the US was initially enacted in 1986 as an amendment to the computer fraud law. During the 1990s and 2000s, legislators amended the act several times to accommodate the increase in cyberattacks. These amendments aimed at widening the scope of criminalisation of actions deemed as harmful in the virtual world.
The Present of Cybersecurity (2020 onward)
The rapid development of internet-dependent services, increased incorporation of the Internet of Things or IoT technology, AI, online banking and the creation of complete virtual worlds online in the past years is a double-sided weapon. On one side, this development will help the environment greatly and save time and space. But on the other side, unimaginable amounts of data are available online and are potential targets for cyberattacks.
In the two years of the raging Covid-19 pandemic, 2019 and 2020, there was a pressing need for organisations to migrate their databases to cloud services. This migration allowed employees to access their company accounts and network from home in order to keep the workflow going. Cloud migration created a new level of threat to the cybersecurity of organisations.
The vast amount of data transferred online as a result of the pandemic represented a golden opportunity for cybercriminals. Statistics show cybercrime complaints during 2020 amounted to more than 800,000. Twenty-seven per cent of cyberattacks during the pandemic targeted banks and healthcare systems, and a staggering 47% of employees stated they fell to phishing scams through email during the first months of the pandemic.
The Rage of Ransomware during Covid-19
Ransomware proved to be the most dangerous form of cyberattack during the last few years. The first half of 2020 saw a 72% increase in ransomware attacks, according to the KPMG report of the same year. One of the most alarming facts in 2021 is that more than 45% of organisations hit by ransomware attacks paid the required ransom, while only 61% were able to get their data back. This process brought total ransoms paid to more than $1 billion and caused losses of more than $159 billion of downtime.
All the previous factors brought the size of the cybersecurity market to more than $197 billion in 2020. This number is expected to reach $345.4 billion by 2026 and $478.68 billion by 2030. Cybercriminals are likely to conduct a ransomware attack every 11 seconds this year, which will increase global costs to more than $20 billion.
In 2022, LockBit remains the main ransomware threat, with more than 62% of ransomware attacks throughout the year, with more than 430 attacks carried across 61 countries worldwide. The most successful method of counteracting ransomware attacks is data back-up, encryption and avoiding paying the ransom at all costs. If you constantly back up your data and encrypt it, a cyberattack that encrypts the data and threats to wipe it wouldn’t pose any problem.
Why is it important to learn about the history of cybersecurity?
“The past is a window into the future.”
Learning about the history of cybersecurity helps us understand how cybersecurity threats evolved in the past years. Unfortunately, every technological advance in the cybersecurity field was mirrored by a similar advance in the cyberattack field. Cybersecurity professionals might be standing on their toes to prevent future cyberattacks, but hackers are as well and they don’t seem like backing down.
Who should learn about the history of cybersecurity?
Cybersecurity and IT professionals are the main two categories who should learn about the history of cybersecurity; it is an integral part of their studies and work. As an individual, you needn’t learn every detail from this history, general knowledge of it would suffice.
If you’re not a cybersecurity professional or work in IT, we remain firm that you should learn about cybersecurity. There are numerous common cybersecurity topics that we believe everyone should learn about, whether they work in the field or not. These topics will help solidify your protection and readiness in the face of any possible cyberattack.
Moreover, we believe everyone should learn is the common cybersecurity threats, which can affect your every day life by compromising your data. This is rather important because cybercriminals are going back to their roots in an attempt to revamp numerous viruses and worms, to make them invincible against detection methods.
Cybersecurity evolved at the speed of time to keep up with the fast movement of the technological world. Proper cybersecurity software, data back-up, data encryption and, most importantly, proper training of the human force pose the best methods in diminishing the threats of cybercrime.