In 1970, the world experienced its first “cyber attack”. What started as a harmless joke paved the way for a new wave of criminality: cybercrime. Since then, attacks have become more sophisticated with the use of malware, ransomware, and phishing attacks, among many others. In fact, according to Security Magazine, today’s hackers attack computers with Internet access every 39 seconds on average.
Cybersecurity companies have evolved over the years to stay ahead of the cybercrime industry, but in order for us to explore where the future of cybersecurity is headed, we must understand its origins. Let’s take a closer look at the evolution of cyberattacks and their respective cybersecurity solutions.
A history of cyberattacks
Below, we detail a number of cyberattacks that have shaped the cybercrime industry.
Creeper and Reaper
We can thank Bob Thomas, a BBN Technologies engineer, for creating the first computer virus. In early 1970, the engineer wrote the code for a program that could move between computers and display a message once it landed. The message said, “I’m the creeper: catch me if you can!”. In response to this ‘joke’, Thomas’ friend and coworker, Ray Tomlinson (the soon-to-be founder of email), wrote another program that could not only move from computer to computer but could duplicate itself as it traveled. This then eliminated the ‘Creeper’ and the new code became known as the ‘Reaper’. Little more than an annoyance, Creeper and Reaper were the start of a long history of cyberattacks.
The Morris worm
In 1989, the Morris worm was the first-ever denial-of-service (DoS) attack. Created to gauge the size of the internet, according to its creator Robert Morris, the worm significantly slowed down every computer it infected. It could infect the same computer multiple times until the machine eventually crashed. After shutting down the internet was proposed as a solution to the Morris worm, Computer Emergency Response Teams (CERTs) were created to respond to future cyber emergencies. The incident resulted in the first conviction under the Computer Fraud and Abuse Act of 1986.
The virus era
The 1990s were deemed the “Virus Era”. Viruses such as I LOVE YOU and Melissa infected tens of millions of computers, causing email systems to crash around the world and costing millions of dollars. Unfortunately, most of the emails that were compromised were unintended victims of inadequate security solutions. Primarily focused on financial gains or strategic objectives, these attacks became headline news as they took center stage in the world of cyberattacks.
The birth of cybersecurity
While these cyberattacks opened a new space for cybercriminals, they also taught the world that with greater connectivity comes greater threats and thus, cybersecurity was born.
The Advanced Research Projects Agency Network (ARPANET)
Establishing computer security was a must. The Advanced Research Projects Agency (ARPA) and the U.S. Air Force worked together with several other organizations to develop a security kernel for the Honeywell Multics computer system. This project explored an operating system that could secure, identify (when possible), and automate techniques for detecting software vulnerabilities. Security then became an important and challenging conversation in computer development.
As the world experienced more and more cyber attacks, the race to develop the first antivirus solution became even more competitive. In 1987, the first antivirus products were released: Ultimate Virus Killer (UVK), the first version of NOD antivirus, and VirusScan. This antivirus software was made up of simple scanners that executed context searches to detect virus code sequences.
Many of these scanners included ‘immunizers’, which modified programs to make viruses think the system was already compromised so that the viruses would not attack it. While the immunizer solution was a step in the right direction, it quickly became ineffective because of the growing number of viruses present across the Internet’s attack surface.
The first firewall made its debut in 1988 with ‘packet filter firewalls’. Packet filters inspect the "packets" that transfer from a computer to the internet, and if a packet matches the packet filter’s rules, the packet filter will drop the packet or reject it. This simple design quickly became a highly technological security feature that would soon become the first line of defense for millions of networks around the world.
Solutions for enhanced cybersecurity
The need for enhanced security and detection only became more important as cybercriminals continued to outsmart the weak firewalls and underdeveloped antivirus solutions. Companies hired incident response teams to investigate security breaches, but their services were far from cheap. To stay on top of cyber threats and breaches, companies needed to look toward long-term solutions that were easy to manage and provided adequate security for their organization.
Here are a few of the systems that companies have implemented to enhance their cybersecurity status:
Continuous monitoring solutions
Continuous cybersecurity monitoring is a threat detection strategy that helps maintain compliance and security and supports business growth. Implementing a cybersecurity monitoring solution will identify all data and vulnerabilities within networks, systems, software, and devices. This is extremely important when looking to optimize your network's cybersecurity posture. An example of this is an intrusion detection system (IDS). An IDS is a software application that constantly monitors a network for policy violations or malicious activity. Any violation or suspicious activity is reported or collected using a security information and event management system. The different types of IDS are:
- Network IDS: Analyzes incoming traffic.
- Host-based IDS: Monitors important operating system files.
- Perimeter IDS: Detects the presence of an intruder.
- Virtual Machine Based IDS: A combination of network, host-based, and perimeter IDS systems that is deployed remotely.
Managed cybersecurity services
A managed cybersecurity service is an extension of your organization's existing or non-existing IT department, meaning that they assist in all processes of network security. Some key features they provide include:
- Security audits and assessments: Evaluation of organizations’ security status, which provides insight into existing network vulnerabilities.
- IT security staffing: Expert advice, insight, and assistance from industry professionals that can support a strong cybersecurity posture.
- Solution implementations: Develop and implement strategic cybersecurity solutions that are unique to your organization.
In addition to laws and regulations, cybersecurity frameworks help guide federal and private organizations to secure their networks. For example, in 2018, the US Department of Homeland Security strategy introduced guidelines that an organization can use to detect and identify risks, highlighting techniques to lower threat levels, reduce cyber vulnerabilities, and recover from a cyberattack. Here are the five main functions of a cybersecurity framework:
- Identify: Examine and categorize any cybersecurity risks that your organization may have within its systems, assets, and data.
- Protect: Introduce cybersecurity monitoring programs, firewalls, and even physical security controls by locking the door to your data center.
- Detect: Establish a clear methodology in case of a cyberattack so that everyone in the organization is informed on the proper protocol.
- Respond: Have an incident response team at the ready.
- Recover: Establish a recovery plan. This should include directions on how to restore crucial functions and services, as well as what kind of temporary security control can be implemented.
What’s next for the cybersecurity industry?
If we knew for certain, we would be exposing the playbook for cybercriminals. What we do know is that what started as a simple cyber prank turned into devastating online attacks that need to be prevented. Cybersecurity will continue to expand and grow, and cybercriminals will be right behind these new trends. It is likely that cybercriminals will continue to leverage new technologies such as artificial intelligence, blockchain, and machine learning in their upcoming attacks. This means that researchers and security experts need to focus their efforts on leveraging the benefits of these emerging technologies to get ahead.
If you're wondering what you can do to prevent attacks on your network, start by implementing security best practices into your organization and dedicate time to establish a strong security posture. SecurityScorecard has helped millions of organizations monitor their security posture through continuous monitoring solutions and risk ratings that give real-time insight into their vulnerabilities.