Waypoints in Cyberspace: A Timeline of Seminal Events

Captain Crunch

1972

John Draper, also known by his handle “Captain Crunch,” is one of the most famous early “phreakers” (telecommunications hackers). With the help of a friend, Draper discovered that a toy whistle “prize” distributed in boxes of Cap’n Crunch could be made to emit a tone at 2600 hertz. This allowed him to hijack phone lines within the AT&T network and make phone calls, of any type, for free. Draper discovered a simple trick that could overcome an extremely complex system -- precisely what hackers do today. Ingenious technical tricks continue to topple highly complex telecommunications and computer systems.

Apple II

1977

Apple Computer introduced the Apple II computer, featuring a 6502 processor, 4 kilobytes (KB) of RAM, keyboard, game paddles, color graphics/text interface, all for $1,300.

Hacker Forum

1979

Before the rise of email, online chat rooms and YouTube, the vast majority of hackers and computer enthusiasts had to rely on their own innate learning ability and understanding of the Internet’s intricacies. With the inexorable expansion of the Internet, message boards and forums appeared that catered specifically to the hacker community. The Hacker Forum, which first appeared in 1979, was essentially an electronic messaging board that could be accessed by dialing into a crude network. The Hacker Forum acted as a repository of information that allowed hackers of every stripe to post hacking tricks, security flaws and other tips of the trade. It also allowed them to rally resources and to communicate with each other. Less experienced hackers could now learn from more experienced hackers and rapidly improve their skills. The Hacker Forum also allowed for the rapid dissemination of programs and viruses and the creation of alliances to pool resources for advanced hacking.

TRS-80

1980

Radio Shack introduced the TRS-80 Color Computer, which retailed for $400.

414s and the Birth of the Black Hat Community

1982

Beginning in the early 1980s, hacker groups began forming that were dedicated to breaking into computer systems and, quite often, deliberately damaging them. Of these groups, the “414s” deserve special mention. Named after an area code in Milwaukee, where the six members of the group lived, the 414s hacked into dozens of high-profile computer systems -- including computers at the U.S. Los Alamos National Laboratory, one of the country's key nuclear weapons development facilities. Their objective was merely to explore the Los Alamos computer systems, but they reportedly damaged several data files and servers in an attempt to keep their activities secret. The six hackers were identified and captured by the FBI in 1983, and their arrest and media coverage eventually led to many of the computer crime laws that are still in effect today. The 414s were among the first black hat hackers, dedicated to illicit activity.

Epson HX-20 and Commodore 64

1982

Epson introduced the first notebook computer, the HX-20, with 20x4 character LCD screen and 16 KB RAM, weighing 3 pounds and priced at $800. That same year, Commodore International Corp. released the Commodore 64 8-bit home computer. Some 30 million units were eventually sold, making it one of the best-selling personal computers ever. Retail price: $595.

Richard Stallman and the Birth of the White Hat Community

1983

Richard Stallman has made numerous contributions to computer security, but he is best known for launching the free software movement. In 1983 he decided to launch an open-source operating system called the GNU Project. This was a seminal moment for the so-called “white hat” community of hackers, vanguards of Internet security who were attempting to create an online utopia in which information flows freely and the Internet is used for the betterment of mankind. Precisely when the white hats emerged as a subset of the hacker community is hard to pinpoint, but their earliest incarnation may have been in MIT’s artificial intelligence lab in the 1960s, where early hackers attempted to push the bounds of computer programming.

Windows

1985

Microsoft shipped the Windows 1.0 operating system. It retailed for $100.

MOD and LOD Squads

1987

Hackers are usually solitary actors, but occasionally they band together. Few bands in recent memory stand out as much as the Masters of Deception (MOD) and the Legion of Doom (LOD), both of which emerged in late 1987. Working together, the two groups hacked into several major computer systems, including AT&T and Bank of America, and were also infamous for taking control of large portions of the U.S. telephone network to communicate with each other. Perhaps MOD’s and LOD’s greatest contribution to the history of the Internet was their 1990 launching of the first inter-hacker cyberwar, which later became known as “The Great Hacker War.”

Kevin Poulsen, Infrastructure Hijacker

1988

Kevin Poulsen has gained infamy through his long-running career as a hacker and phone phreaker. One of his most lauded hacks was into ARPANET, predecessor of the Internet, while it was still under the control of the U.S. Department of Defense. He also has managed to take over portions of telephone and other communication networks to redirect or disable them at will. Poulsen has demonstrated what a resourceful and skilled person can do on the Internet, given the right conditions, and proved the adage that the greatest source of power on the Internet is the individual user.

Morris Worm

1988

The Morris Worm claimed its place in the history books on Nov. 2, 1988, when it was released into a relatively defenseless Internet. The worm had started as a harmless student experiment by Robert Tappan Morris, who wanted simply to determine the number of computers and systems currently attached to the Internet. The “Morris Worm” did this by implanting a copy of itself into each computer or system that it encountered as it flowed through the Internet. However, a flaw in its programming allowed the worm to recopy itself in systems where copies already existed. By the time the worm ended its run it had infected or disabled roughly 10 percent of the Internet. Cleanup costs were estimated to be in the range of $10 million to $100 million. Even taking into account the level of Internet development at the time, this was an amazing accomplishment.

Windows 3.0

1990

The third major release of Microsoft's now-ubiquitous operating system, Windows 3.0 was the first widely successful version. Retail price: $[?].

DEFCON

1993

Rarely does the hacker community extend beyond cyberspace -- hacks, attacks, communications and almost every other hacker activity occur within or through the Internet. In June 1993, hackers came in from the underworld and gathered at the Sands Hotel and Casino in Las Vegas for the first annual DEFCON convention, a self-proclaimed “orgy of information exchange, viewpoints, speeches, education, enlightenment and most of all sheer, unchecked partying.” In the years since, that and similar “underground” events have brought an unknown community into the public eye and revealed its values, interests and direction.

Botnets: The Rise of the Super User

1993

The power of the individual Internet user has historically been limited by a few basic factors: connection speed, computing speed, knowledge and skill. Connection and computing speeds were most often the primary factors, since these were based on the individual user’s financial resources. Some users, however, can command computing resources that surpass those of large corporations and even some countries by creating vast “botnets.” A “bot” is a single computer or server hijacked by a hacker and usually put toward some nefarious use. In 1993, the emergence of the “Eggdrop” program -- the first Internet Relay Chat (IRC) bot -- made possible the massing of multiple bots into a centrally controllable network (botnet). Most often, botnets are developed to participate in distributed denial-of-service (DDoS) or denial-of-service (DoS) attacks to shut down Web sites, Internet servers and communication nodes. Botnets also can be mobilized for phishing, email spamming and installing spyware and adware.

Vladimir Levin and the Virtual Citibank Heist

1994

Vladimir Levin was an ordinary computer programmer in St. Petersburg, Russia, when he paid a hacker group $100 for access to Citibank’s financial systems. The group had discovered lax security surrounding Citibank’s networks and had conducted a thorough exploration -- installing video games and playing them on the network, using computer programs and existing network applications, reading confidential files -- without ever being detected. In return for the $100, Levin was able to access the accounts of several large Citibank corporate customers and, using Citibank’s dial-up wire transfer service, steal $10.7 million. Ultimately, all but $400,000 was recovered. The Levin case demonstrates what a less-skilled user can accomplish with a little cash and just the right contacts.

Windows 95

1995

Microsoft shipped Windows 95, the successor to Windows 3.0. One million copies were sold in four days. Retail price: $90.

Tim Lloyd and the Logic Bomb

1996

As an employee at the defense contractor Omega Engineering Corp., Tim Lloyd began having interpersonal problems with other employees and was told he would be moved to another position that had less to do with his original assignment, which was network administration. Lloyd feared he would eventually be terminated, so he planted a “logic bomb” in the company’s computer system. When the bomb was “detonated” on July 31, 1996, it destroyed or deleted most of the company’s computer files. A single actor and a single program were all that was needed to bring an entire company to its knees. (Omega is still operating today, but it took a considerable amount of time for it to resume operations and it was never able to recover all of its lost data.)

Satellite-Jacking

1999

A group of hackers in England grabbed headlines in February 1999 when they took control of a British military satellite. Inflicting no damage to the system, the hackers seemed more interested in exploring the satellite’s capabilities. The British Ministry of Defense nevertheless took a dim view of the experiment, tracing the satellite-jacking to culprits in southern England with the help of a group of American hackers following the case. The hackers are believed to have penetrated the system by following instructions in a manual published by another hacker group.

Kosovo: The Electronic Battlefield Breaks Ground

1999

After NATO intervened in the Kosovo War in March 1999, a dramatic shift occurred in the functions, perceptions and activities of hacker communities around the world. Responding to NATO airstrikes, Serbian hackers began waging a cyberwar against NATO nations. Much of this was restricted to vandalism and DDoS/DoS attacks, but the assault also included disinformation and smear campaigns. Most of the early action went unnoticed by the rest of the world, but hackers in NATO nations quickly realized what was going on and began to fight back, restoring vandalized Web sites, attacking identified Serbian network targets and defending high-value targets. After the accidental NATO bombing of the Chinese embassy in Belgrade, numerous Chinese hackers suddenly joined the fight. This brought reinforcements from other NATO nations, some of whom organized large hacker organizations and armies to meet the Chinese and Serbian hackers head-on. The U.S. government even thought about creating cyberwarfare units to aid in the campaign against Serbia but decided against it because of legal complications. Ultimately, the Kosovo cyberwar demonstrated the power of the growing hacker community and showed how hackers could serve as warriors for the nation-state.

Mafiaboy and the Power of Script Kiddies

2000

Mike Calce, better known by his handle “Mafiaboy,” exemplifies what enhanced Internet communications and a better-than-average grasp of computers can accomplish. In essence, Mafiaboy was nothing more than a “script kiddie,” a kind of low-skilled hacker wannabe, using free DoS programs commonly found on the Internet to attack large commercial Web sites such as Yahoo, Amazon, Dell, E*Trade, eBay and CNN. Each attack either crippled the site completely or severely impaired access and use. All of this happened within about a week in February 2000 and caused an estimated $1.2 billion in damages or lost business.

Love Bug Worm/ILOVEYOU

2000

On May 4, 2000, in a little less than 24 hours, the Love Bug Worm was able to spread across most of the world and infect 10 percent of all the computers connected to the Internet. Countless businesses, government agencies and private servers were forced to shut down in order to limit the spread of the worm. While early gains were made in countering the Love Bug through antiviral and other protective methods, it still caused an estimated $5.5 billion in lost revenue, damages and additional costs in a very short period of time. One of the most effective and expensive Internet worms to date, the Love Bug was unique in its reliance on both traditional and new transmission methods. Exploiting human instinct by using “I love you” or some variant thereof in the subject line (an example of a practice known as "social engineering"), hackers employed basic scripts in interesting new ways to bypass security and facilitate the spread of the infection.

Torrent

2001

A torrent is a type of peer-to-peer (P2P) file-sharing protocol that allows large amounts of data to be distributed without the original data provider and without incurring costs associated with hardware, hosting and bandwidth resources. This is accomplished by a seeder (someone having a complete copy of the file or data) transferring pieces of the file to numerous “leechers” (users having an incomplete copy of the file or data) simultaneously. As the leechers accumulate the data, they are able to transfer missing pieces to one another within the network so that the original seeder doesn’t have to provide the entire file to each leecher. In the world of the Internet, the rapid transmission of data across networks and vast geographic distances is everything, but the capacity to do so is limited by the power of the system to which a particular user has access. The development of the torrent file extension and communications protocol, released by programmer Bram Cohen on July 2, 2001, changed all that. Today it is estimated that between 18 and 35 percent of all Internet data traffic can be attributed to torrents.

Code Red

2001

The Code Red worm, released on July 13, 2001, was a particularly nasty program, even though it employed conventional “exploits” (security flaws or backdoors into a system), and a security patch was released a month before to protect against it. Exploiting a buffer-overflow flaw in the indexing software distributed with Microsoft’s Internet Information Server, Code Red was able to spread quickly and execute multiple functions. After infecting a particular server or individual system, it would either attempt to infect others or become part of a botnet and launch DDoS/DoS attacks against Web sites and servers.

Backbone Attack I

2002

An attack against the Internet backbone on Oct. 22, 2002, made global network interruption a possibility. While the leader of the attack is still unknown, a massive botnet was mobilized to carry it out. At its peak, data amounts of roughly 1 gigabyte per second were being requested of the servers simultaneously, equivalent to roughly 13,000 emails per second. The attack lasted only one hour but was able to disable nine of the world’s 13 Domain Name System (DNS) servers -- a major milestone.

SQL Slammer: The Network Worm

January 23, 2003

Compared to many other worms, “Slammer” was unique. Rather than attack individual users and their computers, Slammer targeted servers, the intermediaries of the Internet. By removing people and their email accounts, its primary means of transmission, the worm could achieve concentrations and speeds that were difficult to counteract. Ten minutes after its release on Jan. 23, 2003, Slammer infected more than 75,000 servers. As each server became infected, it sought out other servers and attempted to spread the worm further. This caused a massive spike in global data traffic and servers and routers became overloaded worldwide. They then shifted their data loads to other servers and routers within the network, which started a cascade of failures. Ultimately, Slammer was able to infect more than 500,000 servers worldwide, increase packet loss to over 20 percent (the norm is less than 1 percent), and take large amounts of South Korea’s Internet offline for roughly half a day.

Bagle

February 17, 2004

Though it used traditional means of dissemination and target groups, Bagle was an important evolutionary step in the history of viruses and worms. Released on Feb. 17, 2004, Bagle targeted a computer or system and successfully penetrated or avoided its defensive measures. Once inside, it created a data portal to remote users who would disperse the worm. Through this portal, the users and their applications were able to openly access data and operations that the infected computer possessed.