It’s 2018 and cybersecurity is big business.
The Australian government plans to triple the size of the sector by 2026, and as cybercrime continues to grow, the industry is attracting the best and brightest minds to counter it.
While it may seem absurd now, the solution to some of the earliest cybercrime was to shut down the entire internet. Yes, you read that correctly.
Fortunately, cybersecurity has evolved at break-neck speed and shows no signs of slowing down.
To prepare Australia for the burgeoning demand for cybersecurity professionals, new degrees with deep links to the industry are arming the new generation of cybercrime fighters with the knowledge they need to tackle the cutting-edge attacks we’ll see in the near future.
The future certainly looks bright for the industry. But before we look ahead, it’s worth having a look at the past. By understanding some of the major turning points in cybersecurity history, we can better respond when a more advanced attack strikes today.
Reaper and Creeper
What we now know as a dreaded computer virus actually started innocently enough.
His program had no malicious intent, but would cheekily display the message “I’m the creeper: catch me if you can!”.
In response to the worm’s teasing, Bob Thomas’s friend and colleague Ray Tomlinson (who famously invented oh, you know, e-mail) wrote another program that would not just move between computers on the network, but also copy itself as it went.
The program would delete Thomas’s ‘creeper’ worm, earning it the malicious yet fitting name of ‘reaper’.
The effects of the battle between the Reaper and the Creeper are debated with some arguing it was little more than an annoyance, but there’s no doubt it became an event of cultural significance.
The Morris Worm
Thomas and Tomlinson’s game of digital cat-and-mouse set the foundation for how worms and subsequently viruses would operate once the internet was established.
In 1989, the Morris Worm was the first widespread instance of a denial-of-service (DoS) attack. Reports suggested it affected 6,000 computers (roughly 10 per cent of computers connected to the internet at the time), but the accuracy of that figure has been debated.
The worm’s creator, Robert Morris, claimed that the worm was designed to gauge the size of the internet. However, the worm would significantly slow each computer it infected.
Critically, the virus was able to infect the same computer multiple times, with each infection slowing the computer until it eventually crashed.
Incredibly, the response at the time was to shut down the entire internet by disconnecting regional networks for several days. This allowed networks to be cleaned of the virus and have the exposed flaw rectified without risk of recontamination.
Can you imagine using that same measure today? We’re calling it: there would be an apocalypse within half an hour.
Morris was tried and convicted of violating the Computer Fraud and Abuse Act, with the conviction being held after an appeal from his legal team.
When it came to the cost of the damage, it was difficult to narrow it down. The U.S. Court of Appeals found the cost of removal ranged from $200 to $53,000, with Cliff Stoll of Harvard using this data to estimate that the worm caused anywhere from $100,000 to $10,000,000 worth of damage.
Obviously, shutting down the internet would not be a viable solution for every computer worm and virus released on the web (you think?), so CERTs (Computer Emergency Response Teams) were established to respond to emergencies of this magnitude.
The 90s wave
CERTs would become the first big players in the cybersecurity industry, and while they were able to fight and respond to viruses as they came out, they were very much ‘response’ teams – in other words, they weren’t able to prevent outbreaks.
Throughout the 90s, viruses went…um…viral, evolving at a rapid rate as they were released onto the fledgling internet.
While they often had little or no intent beyond trolling or causing havoc, people started to notice the malicious potential of viruses and it wasn’t long until they evolved into trojans, spyware and other more complex forms.
Antivirus software first entered the industry in response to the increasing threat as the internet became saturated with viruses.
We can only assume people were pretty tired of those “CONGRATULATIONS, YOU ARE THE 1,000,000th VISITOR – CLICK HERE TO CLAIM YOUR PRIZE” messages popping up on every website they ever visited.
Initially developed as programs that could detect viruses and prevent them from executing, antivirus software has continued to evolve to identify and counter other malicious programs.
The digital age and beyond
The big antivirus companies established in the 1990s dominated the cybersecurity industry for about 20 years, but since 2014, large, well-organised attacks have presented a new challenge and demanded more innovative and creative solutions.
One of these sophisticated attacks was carried out against Target and saw the details of over 40 million credit cards hacked through the retailer’s point-of-sale systems.
The attack was simply too advanced to have been prevented by the industry giants based on the methods they were using at the time – which, unsurprisingly, was a seriously alarming revelation for the public.
Since 2014, new, creative strategies such as artificial intelligence, machine learning and behavioural detection have been employed by new players in the industry – and to great effect.
As cyber attacks continue to evolve and become more complex, the rapidly growing cybersecurity industry faces exciting new challenges as it looks to use cutting-edge technology and techniques to fight the ever-present threat of malicious activity.