Cybersecurity

Rachel Andersen
11 min read · Jul 5, 2021

Cybersecurity is the entirety of technology and techniques designed to protect data, networks, computers, and programs from cyberattacks and the ensuing damage and unauthorized access. The primary goal of a criminal carrying out a cyberattack is to access data within a system. Therefore, cybersecurity techniques are necessary to protect the networks, servers, and computers that are the mechanisms used to get to the data. Cybersecurity is constantly evolving as cybercriminals become increasingly inventive. This article discusses the history, importance, and fundamental objectives of cybersecurity.

History of Cybersecurity

Just as species evolve parallel to each other to seek a competitive edge for survival, technology has evolved in parallel with the ingenuity of those carrying out cyberattacks. The first digital computer was created in 1943, long before cybersecurity terms such as worm, virus, trojan horse, spyware, and malware even existed. During this time, cybersecurity attacks were basically nonexistent since only a few people had access to these machines or knew how to operate them. Oddly enough, and despite the absence of a threat at the time, John von Neumann published a theory in 1949 speculating that computer programs would at some point be able to self-replicate, which forecasted the existence of the computer virus.

1950s

In the late 1950s, hacking of telephone systems emerged in the form of phone phreaking. Phone ‘phreaks,’ who formed a community and even had newsletters, would hijack protocols to gain remote access to the network of a phone company, allowing them to make free calls and avoid long-distance fees. Although this practice died out in the 1980s, there were several famous phreaks, including Apple founders Steve Wozniak and Steve Jobs. Though these attacks were not directly on computers per se, the phone phreak culture set the stage for the culture that exists today in hacker communities.

[Image: IBM 704]

1960s

While today’s connotation of hacking is often negative and intertwined with cybercrime and gaining access to systems and data that are supposed to be beyond the hacker’s reach, early hackers in the 1960s were interested primarily in exploring, improving, and testing the limits of computer programs already available to them. The term “hack” was coined in 1961 by members of MIT’s Tech Model Railroad Club, and originally did not have anything to do with computers. Instead, hacking referred to club members’ ability to modify the functions of their train sets. From there, the term was generalized to computers as MIT students began to expand the range of tasks that IBM 704s could perform. Hacking at this stage was mischievous and led by curiosity, not malicious. Early hackers were often able to create improved programs based on pre-existing ones. One example of this is the UNIX operating system, developed in 1969 by Dennis Ritchie and Keith Thompson.

[Image: ARPANET]

1970s

The 1970s saw the emergence of cybersecurity proper. During the early 1970s, a research project was being conducted on ARPANET (Advanced Research Projects Agency Network), which was a precursor to the internet. In 1972, a computer program called Creeper was developed by researcher Bob Thomas. Creeper could traverse ARPANET’s network and leave a little message wherever it went: “I’m the creeper: catch me if you can.” Reaper was created by Ray Tomlinson (inventor of e-mail) to chase and delete Creeper. Reaper was not only the first instance of computer anti-virus software, but it was also the first ever self-replicating computer program: the very first computer worm.

1980s

Combatting the vulnerabilities in systems became increasingly important as more and more organizations began utilizing telephones to create remote networks, since each connected piece of hardware created a new entry point that needed protection. The government became involved at this point through the development of early computer security undertaken by ESD and ARPA with the U.S. Air Force. In 1979, 16-year-old Kevin Mitnick famously hacked into The Ark, which was a computer at Digital Equipment Corporation, and made copies of their software.

The 1980s saw the introduction of personal computers available to the general public. However, the widespread availability of the personal computer led to a rapid increase in hackers. While there were still hackers using hacking for “good” (i.e., improving software), the 1980s also saw the birth of hackers with more nefarious aspirations and the goal of personal gain at heart. These activities included pirating software, creating viruses, and breaking into systems to steal data. In the 1980s, high-profile attacks included attacks at National CSS, AT&T, and Los Alamos National Laboratory. In 1986, the first legislation related to hacking was passed: the Federal Computer Fraud and Abuse Act. Hacking even made its way into Hollywood themes, as seen in the movie War Games (1983). Coincidentally, this was the same year that the terms Trojan Horse and Computer Virus were first used.

During the Cold War, the threat of cyberespionage was imminent. In 1985, the U.S. Department of Defense published the Trusted Computer System Evaluation Criteria (the Orange Book for short), which provided protocols for assessing the degree to which software can be trusted with sensitive data and protocols for manufacturers to follow when developing products. Despite these protocols being in place, German hacker Markus Hess hacked 400 military computers, using an internet gateway in California to gain access to ARPANET, with the intention of selling data to the KGB. Even lay computer users began to become aware of the signs of attacks: increased size of command.com files and a sudden reduction in free operating memory. In 1987, the first commercial antivirus software was released.

1990s

The 1990s is when the term hacker really became part of the general public’s lexicon, though at this point the term had a negative connotation. Famous hackers (called “crackers” at the time) included Kevin Mitnick, Kevin Poulsen, Robert Morris, and Vladimir Levin, who were involved in many high-profile cases and gained a lot of media attention.

In the late 1990s, the increase in the use of e-mail was changing the way that the world communicated. However, with each e-mail sent, a new entry point for a virus was created. In 1999, the Melissa virus entered a computer system via a Word document, and then went on to e-mail copies of itself to the first 50 e-mail addresses in Microsoft Outlook. To this day it remains one of the fastest spreading viruses on record, and it cost $80 million to fix.

2000s

In the 2000s, the increase of internet availability in homes and offices, the increase of internet-capable devices, and the increase in data that was kept in digital format meant more data for cybercriminals to plunder and more entry points to gain access to said data. In 2001, a new type of virus infection was developed that no longer relied on the user downloading an infected file. Malicious hackers would replace clean web pages with infected ones or would hide malware on legitimate web sites. At this time, viruses and worms began to spread through instant messaging services such as the chat client for AOL as well as IRC (Internet Relay Chat).

In the mid-2000s, antivirus software became less effective due to zero-day attacks. Essentially, if the attack signature for a virus was not already in the antivirus software’s database, the software couldn’t protect against the virus. Zero-day detection rates dropped from 40–50% in 2006 to 20–30% in 2007.

Also during this time, while cybercrime organizations were becoming more sophisticated and more heavily funded, software to combat these attacks was also becoming more sophisticated and heavily funded. In 2000, the first open source antivirus engine, OpenAntivirus Project, was made available, and in 2001, the first commercial open source antivirus software, ClamAV, was launched. Avast released the first free antivirus software in 2001, and it gained over 20 million users by 2006.

Since one drawback of antivirus software was that it slowed a computer’s operation speed, moving the software off of the computer and into the cloud alleviated this issue. In 2007, Panda Security was the first company to create software utilizing the cloud in threat detection, and McAfee Labs followed in the same vein in 2008 by integrating cloud-based functionality in its anti-malware software, VirusScan. In 2009, the Anti-Malware Testing Standards Organization (AMTSO) was formed.

Another milestone in cybersecurity that occurred in the 2000s was OS security, meaning that cybersecurity was built into the operating system, including regular OS patch updates, regular updates to antivirus engines as well as software, the addition of firewalls, and secure accounts with user management. This allowed for extra levels of protection against threats. The emergence of smartphones during this decade led to antivirus systems being developed for Android and Windows mobile.

In the 2010s, there were many high-profile breaches and attacks that targeted many nations’ security and cost businesses millions. Famous attacks include:

  • 2012 — Data from more than 400,000 credit cards was published by Saudi hacker 0XOMAR
  • 2013 — Edward Snowden leaked classified information from the NSA
  • 2013–2014 — Hackers compromised the accounts and personal information of 3 billion users on Yahoo
  • 2017 — In one day, WannaCry ransomware infected 230,000 computers
  • 2019 — The temporary shutdown of the New Zealand stock market was caused by multiple DDoS attacks

As businesses became more connected and digitized in the 2010s, and the opportunities for cybercriminals expanded accordingly, cybersecurity became increasingly tailored to the needs of specific businesses. In 2011, the first business product, Avast Business Protection, was made available by Avast.

Cybercriminals became increasingly sophisticated during this decade with the innovation of multi-vector attacks and social engineering. Therefore, antivirus software made the mandatory shift from signature-based detection to ‘next generation’ detection. Next-gen cybersecurity involves:

  • Multi-Factor Authentication (MFA)
  • Network Behavioral Analysis (NBA) — identifies malicious files based on aberrant behavior (anomalies)
  • Threat Intelligence & Update Automation
  • Real-Time Protection (aka on-access scanning, auto-protect, resident shield, or background guard)
  • Sandboxing
  • Forensics
  • Back-Up Mirroring
  • Web Application Firewalls (WAF) — protect against cross-site-scripting (XSS), file inclusion, and SQL injection

2010s & 2020s — Anonymous (hacktivist group)

Pipeline shutdown

Importance of Cybersecurity

In today’s predominantly digital world, cybersecurity is becoming increasingly important. First, the volume of threats is increasing. Second, cyberattacks are very expensive for businesses in terms of the financial blow they can deal. Additionally, a data breach can severely damage the reputation of a business. In terms of national security, cyberattacks are extremely damaging when data is released to the public. Finally, cyberattacks are increasing in the amount of destruction they can cause.

Fundamental Objectives of Cybersecurity

The CIA triad, which stands for Confidentiality, Integrity, and Availability, is a model around which companies should form their security policies. Cyberattacks can exploit vulnerabilities in any of these three areas.

Confidentiality

Confidentiality centers around protecting data from unauthorized users. Confidentiality can be compromised by data encryption that is implemented poorly, MITM attacks, and a user disclosing sensitive data. In order to strengthen confidentiality, companies should use all or a combination of data encryption, two-factor authentication, biometric verification, and security tokens.

Integrity

Integrity revolves around a company’s ability to prevent data from being modified by unauthorized users. In order to bolster integrity, companies should implement cryptographic checksums, file permissions, uninterruptible power supplies, and data backup.
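
An added example (not from the original article) of the cryptographic-checksum control named above: a SHA-256 baseline of a directory, sealed with an HMAC so that someone who can rewrite the baseline cannot hide later changes. The function names, the key, and the sample files are constructed for illustration.

```python
import hashlib
import hmac
import json
import os
import tempfile

def snapshot(root):
    """Map each file path (relative to root) to the SHA-256 of its contents."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            with open(full, "rb") as f:
                digests[os.path.relpath(full, root)] = hashlib.sha256(f.read()).hexdigest()
    return digests

def seal(manifest, key):
    """HMAC-SHA256 over the manifest, so the baseline itself cannot be silently rewritten."""
    body = json.dumps(manifest, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def verify(root, manifest, tag, key):
    """Return (modified, added, removed); raise if the manifest fails authentication."""
    if not hmac.compare_digest(seal(manifest, key), tag):
        raise ValueError("manifest failed authentication")
    current = snapshot(root)
    modified = sorted(p for p in manifest if p in current and current[p] != manifest[p])
    added = sorted(set(current) - set(manifest))
    removed = sorted(set(manifest) - set(current))
    return modified, added, removed

def demo():
    """Constructed sample tree: baseline it, change it, then verify."""
    key = b"constructed-demo-key"  # assumption: a real key is stored off the monitored host
    with tempfile.TemporaryDirectory() as root:
        def write(name, data):
            with open(os.path.join(root, name), "wb") as f:
                f.write(data)
        write("app.conf", b"mode=prod\n")
        write("users.db", b"alice\n")
        manifest = snapshot(root)
        tag = seal(manifest, key)
        write("app.conf", b"mode=debug\n")         # unauthorized modification
        os.remove(os.path.join(root, "users.db"))  # deletion
        write("new.txt", b"unexpected\n")          # file not in the baseline
        return verify(root, manifest, tag, key)

if __name__ == "__main__":
    print(demo())
```

A plain checksum stored next to the data only detects accidental corruption; the keyed tag is what lets the check survive an intruder who can also edit the manifest.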

Availability

Availability revolves around ensuring that authorized users are able to access data when they need to. In order to ensure availability, companies should back up data to external locations, implement firewalls, have a backup power supply available, and decrease redundancy in data.

Types of Cyberattacks

  • Brute-Force Attacks
  • Consent Phishing
  • Credential Stuffing
  • Cross-Site Scripting
  • Data Breach
  • DDoS (distributed denial-of-service attack)
  • DNS Hijacking
  • Drive-By Attack
  • Exploit
  • Golden Ticket Attack
  • Malware
  • Ransomware
  • Supply Chain Attack
  • Web Shell
  • Phishing/Spearphishing
  • Security Misconfigurations
  • SQL Injection
  • Trojan Horse/Virus

Careers in Cybersecurity

The average salary for a cybersecurity professional in Louisiana is currently $107,633, while the median annual pay in the US for an information security analyst is $112,974 as of June 28, 2021. According to ZipRecruiter, the range of cybersecurity annual salaries is between $40,500 and $304,500. The majority of salaries lie between $60,000 (25th percentile) and $145,500 (75th percentile).
