The History of Cybersecurity

When participating in certain online activity, such as personal messaging, shopping or banking, users are routinely asked to provide personal information. Buyers verify the identity of sellers, corporations verify employee credentials, and lending institutions verify the identity of everyone using secure transactions. Cybersecurity is essential to protect this and other information from unauthorized parties.

The early years

Early IS efforts identified confidentiality, integrity and availability as primary security factors. The security term “CIA Triad” was derived from these three words. The CIA Triad eventually evolved into the Parkerian Hexad. Facets of the Hexad include confidentiality/control, information integrity, authenticity, availability and utility. The Hexad leans heavily upon authentication and cryptography in order to guard against threats.

During the early years of computing, the mainframes used by the military were connected through dedicated phone lines to form ARPANET, the precursor to the modern internet. While this allowed easy synchronization of information between data centers, it also provided unsecure points between the data centers and the public. This vulnerability was addressed by securing physical locations and hardware. A task force formed by ARPA (Advanced Research Projects Agency) to study internet security in 1967 found this method to be inadequate, and the Rand Report R-609 determined additional steps must be taken to improve security. This report marked an important stage in the development of today’s cybersecurity.

Some early security efforts focused on the mainframe operating system. MULTICS (Multiplexed Information and Computing Service) was an effort by MIT, Bell Labs and General Electric to build security into mainframe operating systems using multiple security levels and passwords. It became obsolete when the era of personal computers arrived.

Computer hacking becomes mainstream

Individuals found different ways to penetrate early telephone and computer networks. In the 1970’s, “phreakers” exploited vulnerabilities in the telephone network to make free long distance phone calls. The FBI arrested a group of six teenagers in Milwaukee in the early 1980’s for hacking into 60 different computer networks. The Milwaukee 414s (named for their area code) did it for a challenge, but when the First National Bank of Chicago was hacked for $70 million, it became clear that this wasn’t just a hobby for kids.

More computers became targets in the 1990’s as more people put their personal information online. Organized crime found that computer hacking could provide a lucrative source of income. By the year 2000 the internet became a multitude of unsecured networks, each one offering a possible exploit. This unsecured network continues to grow. Threats now come from organized crime, from businesses using “black hat” techniques, and from foreign states wishing to steal classified government information. Some corporations have even been known to hack their competitor networks in order to steal or sabotage vital information.

Cybersecurity today

Today’s online consumers routinely deal with spyware, adware and malware, which present threats ranging from simple annoyance to password theft. Taking steps to increase personal data security, limiting data exposure and sharing information about online threats is one way cybersecurity has evolved. The increased use of anti-viral software is another. Government agencies and businesses routinely invest millions of dollars to study threats while constantly testing and improving information security.

What threats are on the horizon? State-sponsored hacking is already an industry in itself. Individual privacy may lessen as governments and law enforcement agencies aggressively monitor email and personal communication. Mobile apps and service providers will likely be under an increasing number of attacks, as well.

These problems are exacerbated by the mindset of many groups who believe that copyright and intellectual property laws represent a limitation or infringement upon their rights.

The number one threat?

The biggest future threat to cybersecurity may be a lack of skilled and educated cybersecurity professionals in the industry. There is an ongoing need for network security engineers, information systems security engineers and other digital security specialists. These are fast paced, dynamic careers that require curious individuals who understand digital communications and software, and value the structure of a regulated environment.