A Brief and Incomplete History of Cybersecurity

Caleb Townsend
Staff Writer   United States Cybersecurity Magazine

Many people assume that cybersecurity is a new vector, relatively starting within the last decade. However, cybersecurity history dates back to the seventies, before most people even had a computer. We have covered hacking incidents that took place before computers, but for the purposes of this article, our timeline starts in 1971, with an experiment.

The First Computer Worm

In 1971, Bob Thomas made history by creating a program that is widely accepted as the first ever computer worm. The worm bounced between computers, which was groundbreaking at the time. The worm was not at all malicious. However, it would display a message on  any infecting screen stating, “I’m the creeper: catch me if you can.”

The First Denial-of-Service (DoS) Attack 

In 1988, Robert Morris created a computer worm, which slowed the early internet down significantly. Thus, we have the first DoS attack in history. Surprisingly, Morris did not write the worm to cause damage. In contrast, Morris created it to highlight security flaws such as Unix sendmail and weak passwords. However, the code made the worm replicate excessively, causing damages estimated around $100,000 to $10,000,000. It also resulted in a partition of the internet lasting for several days.


1989 also marked a grim day in history, with Jospeh Popp creating the first ransomware attack. Joseph Popp created a Malware called the AIDS Trojan, which was distributed through his postal mailing lists using a floppy disk. Popp hoped to extort people out of money this program, similar to modern ransomware attacks. AIDS Trojan suffered from poor design and was easily removable. This was due to the virus only scrambling the names of the files, instead of the file’s contents. Most computers were still usable and people quickly made programs like AIDS_OUT to unlock the files.

The Computer Misuse Act

One of the first pieces of legislation in history that dealt with cybersecurity was The Computer Misuse Act. This act passed in 1990 in the United Kingdom. It effectively made any unauthorized attempts to access computer systems illegal. This piece of legislation has been active for years, with additional amendments modernizing the act.

Security Goes Mainstream

In 1999, Microsoft Windows 98 came out and ushered in a whole new level of accessibility for the layman. The spike in computer usage paved the way for software security systems to be common. Windows released many patches and commercial products. Additionally, many security vendors released anti-hacking software for home computer usage.


A new millennia ushers in new problems. The ILOVEYOU worm infected millions of computer worldwide within a mere few hours of its release. The worm is one of the most damaging worms in history.

Homeland Security

In 2002. George W. Bush filed a bill to create the Department of Homeland Security. This department took on responsibilities for IT infrastructure and eventually created a division specifically for cybersecurity.

Hacktivism History

In 2003, the hacktivist group Anonymous was started. Anonymous is an international hacktivist group known for a variety of cyber attacks against several governments, organizations, etc. They are by far the most iconic group of hackers in the world. The group is known for their Guy Fawkes masks that harken back to V for Vendetta.

Wikileaks and Beyond

By far one of the most notorious leaks in history was the result of Wikileaks in 2016. Wikileaks published the documents from the 2016 national committee email leak. This email leak involved Russian intelligence agency hackers and greatly affected how Americans viewed the 2016 election.

Moving forward, cybersecurity remains a chaotic force. 2018 was a year that saw some of the largest and most culturally notable cyber attacks in recent memory. We learned a lot. Facebook taught us that social media is selling our data. Marriott Hotel taught us that security breaches can lay dormant for years before anyone notices them. Dunkin’ Donuts taught us that no one is safe. However, as 2019 soldiers on, so must we. This new year will see the death of the password with Multi-Factor Authentication and a rise in Artificial Intelligence. Additionally, we will see an active focus in the boardroom on cybersecurity risks and solutions.

We all share a responsibility to hold ourselves and other companies accountable in regards to our data and our privacy.

Tags: , , , , , , , , ,