- Timeline of computer security hacker history
This is a timeline of computer security hacker history. Hacking and
system crackingappeared with the first electronic computers. Below are some important events in the history of hacking and cracking.
* John T. Draper (later nicknamed Captain Crunch), and his friend Joe Engressia and
blue box phone phreakinghits the news with an Esquire Magazinefeature storyDavid Price: [http://www.counterpunch.org/price06302008.html Blind Whistling Phreaks and the FBI's Historical Reliance on Phone Tap Criminality] CounterPunch, June 30, 2008] .
Chaos Computer Clubforms in Germany.
The 414sbreak into 60 computer systems at institutions ranging from the Los Alamos Laboratories to Manhattan's Memorial Sloan-Kettering Cancer Center. [http://www.time.com/time/magazine/article/0,9171,949797-1,00.html The 414 Gang Strikes Again, Aug 29 1983, Time magazine] ] The incident appeared as the cover story of Newsweekwith the title "Beware: Hackers at play", ["Beware: Hackers at play", Newsweek, September 5, 1983, pp. 42-46,48] possibly the first mass-media use of the term "hacker" in the context of computer security. As a result, the U.S. House of Representativesheld hearings on computer security and passed several laws [David Bailey, "Attacks on Computers: Congressional Hearings and Pending Legislation," sp, p. 180, 1984 IEEE Symposium on Security and Privacy, 1984.] .
* The group KILOBAUD is formed in February, kicking off a series of other hacker groups which form soon after.
* The movie "
WarGames" introduces the wider public to the phenomenon of hacking and creates a degree of mass paranoia of hackers and their supposed abilities to bring the world to a screeching halt by launching nuclear ICBM's.
The 414sare caught and investigated by the FBI. Although most members are not charged with a crime, they gain widespread media attention [Citation|newspaper= Detroit Free Press|year=1983|date=September 27, 1983] [Citation|last=Elmer-DeWitt|first=Philip|title=The 414 Gang Strikes Again|newspaper= Time magazine|pages=p. 75|year=1983|date=August 29, 1983|url=http://www.time.com/time/magazine/article/0,9171,949797,00.html] , eventually becoming a cover story of " Newsweek" entitled "Beware: Hackers at play". [Citation|title=Beware: Hackers at play|newspaper= Newsweek|pages=pp. 42-46,48|year=1983|date=September 5, 1983]
U.S. House of Representativesbegins hearings on computer security hacking. [cite web|publisher=Washington Post|url=http://www.washingtonpost.com/wp-dyn/articles/A50606-2002Jun26.html|year=2002|accessdate=2006-04-14|title=Timeline: The U.S. Government and Cybersecurity]
* In his
Turing Awardlecture, Ken Thompsonmentions "hacking" and describes a security exploit that he calls a "Trojan horse". [cite conference|first=Ken|last=Thompson|title=Reflections on Trusting Trust|booktitle=1983 Turing Award Lecture|publisher=ACM|date=October 1983|url=http://www.acm.org/awards/article/a1983-thompson.pdf|format=
* Someone calling himself
Lex Luthorfounds the Legion of Doom. Named after a Saturday morning cartoon, the LOD had the reputation of attracting "the best of the best" — until one of the most talented members called Phiber Optikfeuded with Legion of Doomer Erik Bloodaxe and got 'tossed out of the clubhouse'. Phiber's friends formed a rival group, the Masters of Deception.
Comprehensive Crime Control Actgives the Secret Service jurisdiction over computer fraud.
* CULT OF THE DEAD COW forms in
Lubbock, Texasand begins publishing its ezine.
* The hacker magazine "
2600" begins regular publication, right when TAP was putting out its final issue. The editor of "2600", " Emmanuel Goldstein" (whose real name is Eric Corley), takes his handle from the leader of the resistance in George Orwell's 1984. The publication provides tips for would-be hackers and phone phreaks, as well as commentary on the hacker issues of the day. Today, copies of "2600" are sold at most large retail bookstores.
* The first
Chaos Communication Congress, the annual European hacker conference organized by the Chaos Computer Club, is held in Hamburg
* KILOBAUD is re-organized into The
P.H.I.R.M., and begins sysopping hundreds of BBSs through-out the United States, Canada, and Europe.
* The online 'zine
The Hacker's Handbookis published in the UK.
* After more and more break-ins to
governmentand corporate computers, Congress passes the Computer Fraud and Abuse Act, which makes it a crime to break into computer systems. The law, however, does not cover juveniles.
* Arrest of a hacker who calls himself
The Mentor. He published a now-famous treatise shortly after his arrest that came to be known as the Hacker's Manifestoin the e-zine entitled Phrack. This still serves as the most famous piece of hacker literature and is frequently used to illustrate the mindset of hackers.
Clifford Stollplays a pivotal role in tracking down hacker Markus Hess, events later covered in Stoll's 1990 book "The Cuckoo's Egg". [cite book
title=The cuckoo's egg
Decoder magazinebegins in Italy.
Christmas Tree EXEC"worm" causes major disruption to the VNET, BITNETand EARN networks. [Burger, R.: "Computer viruses - a high tech disease", "Abacus/Data Becker GmbH" (1988), ISBN 1-55755-043-3]
* The "
Morris Worm". Graduate student Robert T. Morris, Jr.of Cornell Universitylaunches a worm on the government's ARPAnet(precursor to the Internet). [Spafford, E.H.: "The Internet Worm Program: An Analysis", "Purdue Technical Report CSD-TR-823" (undated)] [Eichin, M.W. and Rochlis, J.A.: "With Microscope and Tweezers: An Analysis of the Internet Virus of November 1988", "MIT"(1989)] The worm spreads to 6,000 networked computers, clogging government and university systems. Morris is dismissed from Cornell, sentenced to three years probation, and fined $10,000.
First National Bank of Chicagois the victim of $70-million computer theft.
* The Computer Emergency Response Team (CERT) is created by
DARPAto address network security.
Father Christmas (computer worm)spreads over DECnetnetworks.
Jude Milhon(aka St Jude) and R. U. Siriuslaunch Mondo 2000, a major '90s tech-lifestyle magazine, in Berkeley, California.
* The politically motivated WANK worm spreads over
Operation Sundevilintroduced. After a prolonged sting investigation, Secret Service agents swoop down on organizers and prominent members of BBSs in 14 U.S. cities including the Legion of Doom, conducting early-morning raids and arrests. The arrests involve and are aimed at cracking down on credit-card theft and telephone and wire fraud. The result is a breakdown in the hacking community, with members informing on each other in exchange for immunity. The offices of Steve Jackson Gamesare also raided, and the role-playing sourcebook GURPS Cyberpunkis confiscated, possibly because the government fears it is a "handbook for computer crime". Legal battles arise that prompt the formation of the Electronic Frontier Foundation, including the trial of Knight Lightning.
* Australian federal police tracking "Realm" members "Phoenix", "Electron" and "Nom" are the first in the world to use a remote data intercept to gain evidence for a computer crime prosecution. [cite book | author=Bill Apro & Graeme Hammond | title=Hackers: The Hunt for Australia’s Most Infamous Computer Cracker | year= 2005 | id=ISBN 1-74124-722-5 | publisher= Five Mile Press ]
* Release of the movie "Sneakers", in which security experts are blackmailed into stealing a
universal decoderfor encryption systems.
MindVoxopens to the public.
* Bulgarian virus writer
Dark Avengerwrote 1260, the first known use of polymorphic code, used to circumvent the type of pattern recognition used by Anti-virus software, and nowadays also intrusion detection systems.Fact|date=August 2008
* The first
DEF CONhacking conference takes place in Las Vegas. The conference is meant to be a one-time party to say good-bye to BBSs (now replaced by the Web), but the gathering is so popular it becomes an annual event.
AOLgives its users access to USENET, precipitating Eternal September.
Russian crackers siphon $10 million from Citibank and transfer the money to bank accounts around the world. Vladimir Levin, the 30-year-old ringleader, uses his work laptop after hours to transfer the funds to accounts in Finlandand Israel. Levin stands trial in the United Statesand is sentenced to three years in prison. Authorities recover all but $400,000 of the stolen money.
* Hackers adapt to emergence of the
World Wide Webquickly, moving all their how-to information and hacking programs from the old BBSs to new hacker Web sites.
AOHellis released, a freewareapplication that allows a burgeoning community of unskilled script kiddies to wreak havoc on America Online. For days, hundreds of thousands of AOL users find their mailboxes flooded with multi-megabyte email bombs and their chat rooms disrupted with spam messages.
* The movies "The Net" and "Hackers" are released.
* Hackers alter Web sites of the
United States Department of Justice(August), the CIA(October), and the U.S. Air Force(December).
* Canadian hacker group,
Brotherhood, breaks into the Canadian Broadcasting Corporation.
U.S. General Accounting Officereports that hackers attempted to break into Defense Department computer files some 250,000 times in 1995 alone. About 65 percent of the attempts were successful, according to the report.
* The MP3 format gains popularity in the hacker world. Many hackers begin setting up sharing sites via FTP, Hotline, IRC and USEnet.
* A 15-year-old
Croatian youth penetrates computers at a U.S. Air Forcebase in Guam[http://www.nap.edu/html/trust/trust-1.htm] .
* December: Information Security publishes first issue.
* First high-profile attacks on Microsoft's
Windows NT operating system[http://news.cnet.com/Hackers-jam-Microsofts-site/2100-1023_3-200788.html] [http://www.byte.com/art/9711/sec6/art3.htm]
* In response to the MP3 popularity, the Recording Industry Association of America begins cracking down on FTPs [http://www.cnn.com/TECH/computing/9803/26/saltzman_mp3/index.html] . The RIAA begins a campaign of lawsuits shutting down many of the owners of these sites including the more popular ripper/distributors The Maxx (Germany, Age 14), Chapel976 (USA, Age 15), Bulletboy (UK, Age 16), Sn4rf (Canada, Age 14) and others in their young teens via their ISPs. Their houses are raided and their computers and modems are taken. The RIAA fails to cut off the head of the MP3 beast and within a year and a half, Napster is released.
Yahoo!notifies Internet users that anyone visiting its site in recent weeks might have downloaded a logic bomband wormplanted by hackers claiming a "logic bomb" will go off if Mitnick is not released from prison.
Anti-hackerruns during Super Bowl XXXII
* February: The
Internet Software Consortiumproposes the use of DNSSEC( domain-name system security extensions) to secure DNS servers.
* June: Information Security publishes its first annual
Industry Survey, finding that nearly three-quarters of organizations suffered a security incident in the previous year.
* October: "
U.S. Attorney General Janet Renoannounces National Infrastructure Protection Center."
Software securitygoes mainstream In the wake of Microsoft's Windows 98 release, 1999 becomes a banner year for security (and hacking). Hundreds of advisories and patches are released in response to newfound (and widely publicized) bugs in Windows and other commercial software products. A host of security software vendors release anti-hacking products for use on home computers.
Electronic Civil Disobedience project, an online political performance- art group, attacks the Pentagon calling it conceptual artand claiming it to be a protest against the U.S. support of the suppression of rebels in southern Mexicoby the Mexican government. ECD uses the FloodNetsoftware to bombard its opponents with access requests.
* U.S. President
Bill Clintonannounces a $1.46 billion initiative to improve government computer security. The plan would establish a network of intrusion detection monitors for certain federal agencies and encourage the private sector to do the same.
January 7: an international coalition of hackers (including CULT OF THE DEAD COW, " 2600" 's staff, " Phrack"'s staff, L0pht, and the Chaos Computer Club) issued a joint statement ( [http://www.cultdeadcow.com/news/statement19990107.html] ) condemning the LoU's declaration of war. The LoU responded by withdrawing its declaration.
* March: The
Melissa wormis released and quickly becomes the most costly malware outbreak to date.
* July: CULT OF THE DEAD COW releases
Back Orifice 2000at DEF CON
Kevin Mitnick, "the most wanted man in cyberspace",Who|date=August 2008 sentenced to 5 years, of which over 4 years had already been spent pre-trial including 8 months solitary confinement.
Level Sevenhacks [http://www.usembassy-china.gov The US Embassy in China's Website] and places racist, anti-government slogans on embassy site in regards to 1998 U.S. embassy bombings. [http://www.cnn.com/TECH/computing/9909/08/hack.folo]
American Expressintroduces the "Blue" smart card, the industry's first chip-based credit card in the US.
* May: The
ILOVEYOUworm, also known as VBS/Loveletter and Love Bug worm, is a computer worm written in VBScript. It infected millions of computers worldwide within a few hours of its release. It is considered to be one of the most damaging worms ever.
* Microsoft becomes the prominent victim of a new type of hack that attacks the
domain name server. In these denial-of-service attacks, the DNS paths that take users to Microsoft's Web sites are corrupted.
* February: A Dutch cracker releases the
Anna Kournikovavirus, initiating a wave of viruses that tempts users to open the infected attachment by promising a sexy picture of the Russian tennisstar.
* April: FBI agents trick two into coming to the U.S. and revealing how they were Hacking U.S. banks [http://www.theregister.co.uk/2002/10/07/fbi_sting_snares_top_russian/] .
** Spurred by elevated tensions in
Sino-American diplomatic relations, U.S. and Chinese hackers engage in skirmishes of Web defacements that many dub " The Sixth Cyberwar".
* July: Russian programmer
Dmitry Sklyarovis arrested at the annual Def Con hacker convention. He is the first person criminally charged with violating the Digital Millennium Copyright Act (DMCA).
Code Red worm, infects tens of thousands of machines.
Bill Gatesdecrees that Microsoft will secureits products and services, and kicks off a massive internal trainingand quality controlcampaign.
* May: Klez.H, a variant of the worm discovered in November 2001, becomes the biggest
malwareoutbreak in terms of machines infected, but causes little monetary damage.
* June: The Bush administration files a bill to create the
Department of Homeland Security, which, among other things, will be responsible for protecting the nation's critical IT infrastructure.
* August: Researcher
Chris Pagetpublishes a paper describing " shatter attacks", detailing how Windows' unauthenticated messaging systemcan be used to take over a machine. The paper raises questions about how securable Windows could ever be.
* October: The
International Information Systems Security Certification Consortium- (ISC)2 - confers its 10,000th CISSPcertification.
* March: CULT OF THE DEAD COW and
Hacktivismoare given permission by the United States Department of Commerceto export software utilizing strong encryption.
December 18: Milford Manpleas guilty to hacking.
Myron Tereshchukis arrested for attempting to extort $17 million from Micropatent.
September 15: An unnamed teenager is sentenced to 11 months for gaining access to T-Mobile USA's network and exploiting Paris Hilton's Sidekick.
November 3: Jeanson James Ancheta, whom prosecutors say was a member of the "Botmaster Underground", a group of script kiddies mostly noted for their excessive use of bot attacks and propagating vast amounts of spam, was taken into custody after being lured to FBI offices in Los Angeles. cite web |date=2005-11-04|url = http://www.vnunet.com/vnunet/news/2145579/fbi-arrest-botnet-master|title = FBI sting nets botnet hacker|format = HTML |publisher = vnunet.com| accessdate = 2008-09-26 | last=Iain Thomson |quote=]
* January: One of the few worms to take after the old form of malware, destruction of data rather than the accumulation of zombie networks to launch attacks from, is discovered. It had various names, including Kama Sutra (used by most media reports), Black Worm, Mywife, Blackmal, Nyxem version D, Kapser, KillAV, Grew and CME-24. The worm would spread through e-mail client address books, and would search for documents and fill them with garbage, instead of deleting them to confuse the user. It would also hit a web page counter when it took control, allowing the programmer who created it as well as the world to track the progress of the worm. It would replace documents with random garbage on the third of every month. It was hyped by the media but actually affected relatively few computers, and was not a real threat for most users.
Direct-to-videofilm " The Net 2.0" is released, as a sequel to "The Net", following the same plotline, but with updated technology used in the film, using different characters, and different complications. The director of "The Net 2.0", Charles Winkler, is son of Irwin Winkler, the director of "The Net".
* May: Jeanson James Ancheta receives a 57 month prison sentence, [http://www.techweb.com/wire/security/187201459] and is ordered to pay damages amounting to $15,000.00 to the Naval Air Warfare Center in China Lake and the Defense Information Systems Agency, for damage done due to DDoS attacks and hacking. Ancheta also had to forfeit his gains to the government, which include $60,000 in cash, a BMW, and computer equipment [http://www.techweb.com/wire/security/187201459] .
* May: Largest Defacement in Web History is performed by the Turkish hacker
iSKORPiTXwho successfully hacked 21,549 websites in one shot. [http://www.zone-h.org/component/option,com_oldstuff/Itemid,31/task,news/id,206009//]
* September: Viodentia releases FairUse4WM tool which would remove DRM information off WMA music downloaded from music services such as Yahoo Unlimited, Napster, Rhapsody Music and Urge.
* October: Jesus Oquendo releases [http://www.infiltrated.net/asteroid/ Asteroid] , a SIP Denial of Service testing tool. It broke all versions of Asterisk until 1.2.13. Asteroid is also known to affect certain SIP Softphones, SIP Phones and possibly other products using the SIP protocol. It was used in Henning Schulzrinne's Columbia University seminars. See MITRE CVE-2006-5444 and CVE-2006-5445
* May 17:
Estoniarecovers from massive denial-of-service attack [ [http://www.networkworld.com/news/2007/051707-estonia-recovers-from-massive-denial-of-service.html Estonia recovers from massive denial-of-service attack - Network World ] ]
* June 13:
FBIOperation Bot Roast finds over 1 million botnet victims [ [http://www.networkworld.com/community/node/16193 FBI: Operation Bot Roast finds over 1 million botnet victims |NetworkWorld.com Community ] ]
* June 21: A
spear phishingincident at the Office of the Secretary of Defensesteals sensitive U.S. defense information, leading to significant changes in identity and message-source verification at OSD.cite news
first = Robert
last = McMillan
url = http://www.infoworld.com/article/07/06/21/Pentagon-shuts-down-systems-after-cyberattack_1.html
title = Pentagon shuts down systems after cyberattack
June 21, 2007
accessdate = 2008-03-10] cite news
first = Jill R.
last = Aitoro
url = http://www.govexec.com/story_page.cfm?articleid=39456
title = Defense officials still concerned about data lost in 2007 network attack
work = Government Executive
National Journal Group
March 5, 2008
accessdate = 2008-03-10]
* August 11:
United Nationswebsite hacked by Turkish Hacker Kerem125 [ [http://www.internethaber.com/news_detail.php?id=99151 BM'nin sitesi hacklendi |Haber'in Doğru Adresi, Haber, Yerel Haber, Siyaset Haberleri, Sondakika Haberleri, Gazeteler, Haberler ] ]
* October 7:
Trend Microwebsite successfully hacked by Turkish hacker Janizary(a.k.a Utku) [ [http://www.crn.com/security/206903880 Trend Micro Victim Of Malicious Hack ] ]
* November 29:
FBIFBI Operation Bot Roast II: 1 million infected PCs, $20 million in losses and 8 indictments [ [http://www.networkworld.com/community/node/22413?t51hb FBI 'Bot Roast II: 1 million infected PCs, $20 million in losses and 8 indictments |NetworkWorld.com Community ] ]
* January 18:
Project ChanologyAnon attacks Scientology website servers around the world. Private documents are stolen from Scientology computers and distributed over the Internet
* March 7: 20-something Chinese hackers claim to have gained access to the world's most sensitive sites, including
The Pentagon. They operate from a bare apartment on a Chinese island.cite news
url = http://edition.cnn.com/2008/TECH/03/07/china.hackers/index.html
title = Chinese hackers: No site is safe
March 7, 2008
accessdate = 2008-03-07]
List of convicted computer criminals
*cite book| title=Virus! The secret world of computer invaders that breed and destroy| author=Allan Lundell |year=1989| publisher=Wayne A. Yacco|isbn=0-8092-4437-3
*cite book| title=Out of the Inner Circle | author=Bill Landreth | publisher=Tempus Books of Microsoft Press | date=1989  | isbn=1-55615-223-X
*cite book | title=Beating the System: Hackers, phreakers and electronic spies | author=Owen Bowcott and Sally Hamilton | publisher=Bloomsbury | year=1990 | isbn=0-7475-05136
*cite book | title=The computer virus crisis | author=Philip Fites, Peter Johnston and Martin Kratz | publisher=Van Nostrand Reinhold | year=1989 | isbn=0-442-28532-0
*cite book | author=Bruce Sterling | title=The Hacker Crackdown: Law and disorder on the electronic frontier | publisher=Penguin | year=1992 | isbn=0-14-017734-5
*cite book | author=Steve Gold | title=Hugo Cornwall's New Hacker's Handbook | year=1989 | publisher=Century Hutchinson Ltd | isbn=0-7126-3454-1 | location=London
Wikimedia Foundation. 2010.