
Top 6 Breaches In the Last 20 Years That Reshaped Cybersecurity

History is a great teacher, especially in the cybersecurity industry.

Despite its prevalence in the headlines and being top of mind for just about everyone, the cybersecurity industry is actually only about 35 years old. Given its relative newness, the industry and its professionals are still experiencing a maturation process, working to become more proactive in security efforts and develop a more organized process for maximum security and effectiveness. Looking back at security events, the relatively short history of cybersecurity reveals important milestones and lessons on where the industry is heading.

In the last few months alone, numerous large-scale attacks have brought the cybersecurity conversation into the mainstream and shown its value firsthand. While cyber threats evolve and unfortunately will continue, the cybersecurity industry also has a responsibility to learn, analyze, and improve.

One of my favorite and most useful tools in learning and teaching cybersecurity is looking at past breaches to see the chain of events, spot holes, and discuss better or faster ways to respond. It's been said history is a great teacher, and I've certainly found that to be true in cybersecurity. Here are the top six events in the last 20 years that have shaped the cybersecurity industry into what it is today.

Internet Domain Attack
In 2002, a malware attack nearly brought the entire Internet to its knees. There are 13 total domain name system root name servers for websites; think .edu, .com, .org. Hackers targeted all those domains, which are critical infrastructure for the Internet, via a denial-of-service attack and made the Internet unusable. While it only lasted about an hour in total, this attack showed that a targeted cyberattack could affect the whole Internet.

Stuxnet Virus
First uncovered in 2010, Stuxnet was a malicious computer worm designed to interfere with the industrial control systems that controlled Iran's nuclear program at the time. It's believed to have taken more than five years to fully build and caused significant damage to about one-fifth of Iran's total nuclear program by infecting more than 200,000 computers and causing 1,000 machines to physically degrade. There is significant speculation that Stuxnet was a government cyber weapon, and it was the first incident of using a computer virus to manipulate the physical world.

Yahoo Breach
A leader in the early Internet and webmail, Yahoo revealed it was breached in 2013. Representing the largest data breach up to that point, it exposed the entirety of Yahoo's users — more than 3 billion users' information. Once the full extent of the hack was discovered, it was a real wakeup call to the general public because of the popularity of Yahoo email accounts at the time, and the understanding that this breach personally affected millions of people.

Apple iPhone Data Breach
When the iPhone launched in 2007, we never could have predicted just how much it would change the course of communication, social interactions, and online data sharing. In 2019, a data breach that could bypass security certificates and access encrypted data like saved passwords, financial information, and pictures was discovered and corrected on Apple iPhones. Experts said the actual breach had occurred a few years earlier, and it's impossible to know how many users were infected or how much data was compromised.

SolarWinds Attack
In 2019, SolarWinds' systems were breached by hackers whose intrusion was masked as a fake software update, and who then gained access to SolarWinds clients such as the Department of Homeland Security and the Department of the Treasury. Ironically, SolarWinds is itself an information technology firm and was unaware of the breach for months. This attack showed that even the largest players in the IT world and in government agencies are not immune to cybersecurity attacks, and are likely even more appealing targets for hackers because of the wealth of money to be gained maliciously.

Colonial Pipeline Hack
Earlier this year, the Colonial Pipeline ransomware cyberattack caused widespread gas outages and fuel supply panic. The cybersecurity world has been discussing the possibility of an attack on utility infrastructure for years, and this event proved just how devastating one can be, with effects on par with a hurricane or another natural disaster. The Colonial Pipeline attack was a pivotal moment in ransomware attacks because of the high ransom paid by Colonial to hackers for the return of information. The attack also created urgency and understanding in the general public about cybersecurity because of the real-world, personal implications they felt when gas wasn't available.

Each of these events truly underscores how much can change in just a few years and how important it is for cybersecurity professionals to keep changing with the times. Unfortunately, the number of cyberattacks will only increase as more data is available online, and the impact of these attacks will continue becoming more significant.

Based on what we've seen so far, there likely will be cybersecurity attacks ransoming access to common needs, such as power or water, because hackers are out to make money, and those utilities are things people will pay to redeem. Hackers are always following the money and looking for what else they can hold hostage.

One crucial thing the last 30 years should have taught us is this: Never take online security lightly.
