In order to understand the current state of cyber vulnerabilities, an understanding of the development of computer infrastructure is essential. Through an examination of the history, we can learn about how technology has developed, how vulnerabilities have been discovered and exploited, who the actors are, and how the response to cyber vulnerabilities has grown to meet the challenge.
The first critical infrastructure to be exploited was the public telephone system. These early hackers were called phreakers (phone freaks). In 1960, the telephone system operators made the mistake of publishing an article titled Signaling Systems for Control of Telephone Switching, which contained detailed information on the frequencies used for the digits of routing codes. The phreakers, many of them blind with very acute hearing, were able to whistle the codes or even use a toy prize from a cereal box, which happened to match the far-end trunk disconnect tone. This allowed phreakers to make free calls, or to build “blue boxes” (homemade tone generators) that could replay the codes to obtain free phone calls. While this was not devastating to the phone system, it denied the operator revenue.
William D. Mathews from MIT found a flaw in a Multics CTSS running on an IBM 7094 that disclosed the contents of the password file. That flaw is probably the first reported vulnerability in a computer system.
In 1969, ARPA contracted to build ARPANET, which would one day evolve into the Internet we know and rely on today.
In 1970, after monitoring 33 million calls, AT&T was able to prosecute and convict 200 phreakers.
Bob Thomas at BBN Technologies conducted an experiment, writing a self-replicating program called “Creeper”, which infected DEC computers on the ARPANET. This is the first instance of a computer “worm”, before the term had been coined in the computer context.
An anonymously authored program called “Reaper” was released on ARPANET to remove Creeper.
A computer virus named “Rabbit” appeared, multiplying and causing computers’ performance to diminish until they crashed. This was the world’s first virus to cause a “denial of service”.
John Walker wrote Pervading Animal, a computer game that replicated itself in every directory on the infected computer to which the user had access. Attempts were made to use the Creeper/Reaper tactic to replace the bad game with a benign version. Some computer scientists consider this the first “Trojan” program.
The 1980s saw the explosion of personal computing, as inexpensive computers and modem technology allowed people to begin exploring, communicating, and learning. People interested in computers could now dial into Bulletin Board Systems (BBS) and share knowledge. The hacker population grew a thousandfold from a few scientists and students. The criminal hacker, whose intentions went beyond the simple exploration of computer systems, directed his knowledge and experience toward distinctly criminal pursuits. This included distributing pirated commercial software and releasing viruses and worms that could shut down computer systems. Hackers surged in popularity, becoming nothing short of an epidemic.
Ian Murphy, along with three friends, hacked the server used by AT&T to meter people’s calls. He changed the internal clocks so that customers would get midnight discounts at midday, while those who waited until midnight to call long distance were hit with high bills. For the incident, Murphy (known to his friends as Captain Zap) became the first hacker to be tried and convicted as a felon.
Rich Skrenta, a 15-year-old high school student, created the Elk Cloner for the Apple II operating system. The Elk Cloner spread using a technique now known as “boot sector” infection. If a computer booted from an infected floppy disk, a copy of the virus was loaded in the computer’s memory. When an uninfected disk was inserted into the computer, the Elk Cloner copied itself to the disk, spreading from disk to disk.
At the Memorial Sloan-Kettering Cancer Center, a system administrator for a DEC VAX 11/780 computer found his system down. Soon, dozens of other systems around the country were reported as being hacked by the “414s”, a group of Milwaukee teenagers aged 15 to 22 using their area code as the name of the gang. Using home computers connected to ordinary telephone lines, the group broke into 60 computer systems at institutions ranging from the Los Alamos Laboratories to hospitals and banks. The FBI busted the 414s and the incident appeared as the cover story of Newsweek with the title Beware: Hackers at Play. As a result, the U.S. House of Representatives began hearings on computer security hacking.
The US Comprehensive Crime Control Act gave the Secret Service jurisdiction over computer fraud.
The U.S. government tried to thwart the problem by passing the Computer Fraud and Abuse Act (CFAA).
Robert Morris, a graduate student at Cornell University, allegedly planned to perform an experiment to map the size of the ARPANET. To achieve this goal, he wrote a program capable of copying itself across the network. Within 12 hours of its release, the worm was completely out of control. It infected at least 6,000 UNIX servers, approximately 10% of the entire network, clogging government and university systems. It would take years to completely eradicate the worm, causing damages estimated at around $10,000,000. Morris was dismissed from Cornell, sentenced to three years’ probation, and fined $10K.
In response to the Morris worm incident, the Computer Emergency Response Team (CERT) was founded.
Karl Koch, the leader of a group of German hackers, was arrested for acts of cyber espionage, such as breaking into US government and corporate computers and selling the operating-system source code to the KGB.
The politically motivated WANK worm spread over DECnet. VMS machines worldwide were penetrated by the anti-nuclear worm and had their login screens altered. The WANK worm was the first documented case of hacktivism.
The early years of computing, the 1960s and prior, saw the first steps towards the internetworked world as well as the first vulnerabilities of that world. The first critical infrastructure to be exploited was the public telephone system. The 1980s saw the rise of damaging code, hacking for profit, cyber espionage, and hacktivism. Not only have the attacks become more advanced, but the motivations now include nation states, criminals, and ideological organizations. In part 2 of this article, we will discuss the 1990s and how they brought us the World Wide Web and the Internet as we know it today.
To learn more about how to proactively protect, maintain, and strengthen your critical infrastructure, contact FoxGuard.