Log in / Register
Home arrow Computer Science arrow The InfoSec Handbook
< Prev   CONTENTS   Next >

Chapter 2 History of Computer Security


The first events in the history of exploiting security date back to the days of telephony. Telephone signals were sent via copper cables. Telephone lines could be tapped and conversations could be heard. In the early days of telephone systems, telephone operators intentionally misdirected calls and eavesdropped on conversations. In the 1970s, a

set of people known as phreakers exploited the weakness of digital switching telephone systems for fun. Phreakers discovered the signal frequency at which the numbers are dialed and tried to match the frequency by blowing a whistle and fooling the electronic switching system to make calls for free. Among these phreakers, John Draper found that he could make long-distance calls for free by building an electronic box that could whistle different frequencies.

During the 1960s and 1970s, telephone networks became the dominant mode of communication, connecting millions of users. Given the increasing importance of computers and the advent of time shared systems, it was natural to consider linking the computers on the telephone networks so that information could be shared among geographically distributed networks. Since telephones were analog and computers were digital, modem (modulator and demodulator) devices were used to connect computers over the telephone network. Connecting computers and sharing information was of major interest during the early days of network computing and the security of the

information became weak. Since people already knew how to break and tap into the phone systems, it became a game for them to break into the computer system, which was connected over the telephone networks.

With the creation of Advanced Research Projects Agency Network (ARPANET), a limited form of a system

break-in to the network began. ARPANET was originally designed to allow scientists to share data and access remote systems. E-mail applications became the most popular application to allow scientists to collaborate on research projects and discuss various topics over the network. Soon, a bulletin message board was created where people could post a topic and discuss various research topics together. Bulletin boards became the venue of choice for discussing

a wide range of topics, including passwords, credit card numbers, and trade tips, which encouraged the bad guys to hack into the system. Some famous bulletin boards include Sherwood Forest and Catch-22.

The predecessor of the Internet, the Advanced Research Projects Agency Network (ARPANET) was a large wide-area network created by the United States Defense Advanced Research Project Agency (ARPA). Established in 1969, ARPANET served as a testing ground for new networking technologies, linking many universities and research centers. The first two nodes that formed the ARPANET were UCLA and the Stanford Research Institute, followed shortly thereafter by the University of Utah. Some of the reasons for creating ARPANET include making it easier for people to access computers, to improve computer equipment, and to have a more effective communication method for the military.

In the 1980s, the TCP/IP network protocol Transmission Control Protocol (TCP) and the Internet Protocol (IP), and Personal Computers (PC) brought computing to homes where more and more people connected to the Internet. The 1983 fictional movie, “War Games,” was watched by millions of people and popularized hacking and made it glamorous. In 1981, Ian Murphy broke into AT&T's computers and changed billing rates of meters. He was later convicted.1 Kevin Mitnick stole computer manuals of Pacific Bells' switching center in Los Angeles, California, and was prosecuted for this crime.1 Bill Landreth was convicted for breaking into NASA's Department of Defense computers through GTE's e-mail network. In 1988, Kevin Mitnick was held for stealing software that was worth

$1 million, and also caused damages of around $4 million.

With increasing threats to security, government agencies in charge of ARPANET came up with the Computer Emergency Response Team (CERT): the first network security organization in 1988.2 The purpose of CERT is to spread security awareness among users and find ways to mitigate security breaches. As the Internet became popular, with more and more users becoming active, it became an appealing target for the “hackers” around the world. The 1990s saw more hacking activities such as the “Michelangelo” virus and the arrest of notorious hacker Kevin Mitnick for stealing credit card data, and the 1998 Solar Sunrise attack targeting Pentagon computers by Ehud Tenebaum.3

Today we are living in the Internet and World Wide Web (WWW) era, where everyone is connected. The Internet has changed the way we communicate with each other. The Web allowed information to be accessed instantly

from anywhere in the world. First-generation web 1.0 was just a static web. Web 2.0, called interactive web, allowed the users to communicate by emphasizing online collaboration. Web 3.0 technology called 'the intelligent Web' emphasized machine-facilitated understanding of information to provide a more intuitive user experience. The Web has become a social medium where we can interact with one another, which has unfortunately resulted in many threats and vulnerabilities and an increasing number of security breaches. Some of the popular attacks include “Mellisa, the love bug,” the “killer resume,” and “The code red.”

Found a mistake? Please highlight the word and press Shift + Enter  
< Prev   CONTENTS   Next >
Business & Finance
Computer Science
Language & Literature
Political science