A Brief History Of Cyber Crime



As technology advances it brings many benefits, from increased productivity and efficiency to enhanced communications and cost reductions, but advances in technology inevitably bring heightened risks from cybercrime, which has exploded in recent times. Cybercrime is one of the largest and most globally active forms of crime.

This is not least because the Internet is available all the time and visible to everyone, which of course involves risks. Committing a crime via a computer or other device that is connected to the Internet is less risky for the perpetrator, because the perpetrator's identity is difficult to establish.

Technically, the first cyber attack happened in France well before the Internet was even invented, in 1834. Two attackers stole financial market information by accessing the French telegraph system. Many experts consider this event the first cybercrime, followed by other cybercrimes, each focusing on newly invented technologies.

The Telephone System

1878: The Bell Telephone Company took a group of young boys off the telephone grid in New York for repeatedly and purposely misdirecting and disconnecting customer calls, two years after Alexander Graham Bell invented the machine.

The 19th and 20th centuries saw attacks focused on the telephone system. In 1876, Alexander Graham Bell patented the phone, which allowed transmitting speech using telegraphy.

Two years after the commercialisation of this invention, teenage boys broke into Bell’s telephone company and misdirected calls. In later years (1960s-1980s), phone hacking (phreaking) became popular.

Ethical Hacking

In 1940, Rene Carmille, a French computer expert, hacked into the Nazi data registry. He was a punch-card computer expert and member of the Resistance in France during the Nazi occupation. He owned the machines that France’s Vichy government used to process information. He discovered that the Nazis were using the machines to track down Jews, so he offered to allow them to use his machine. They took the bait, and he then used that access to hack them and disrupt their efforts. His work blocked the Nazis’ attempts to register and track Jewish people.

Later in 20th Century

Still, cybercrime didn’t really find its footing until the late 20th century. Spurred on by the digital revolution, cyber criminals became early adopters of technology, using their head start and their smarts to engineer new, devious ways to part people and organisations from their data and dollars.

From that moment on, cybercrime has grown exponentially, marked by an evolution of tactics, techniques, and procedures (TTPs), all implemented for malicious gain.

Now, cybercrime has expanded into its own ecosystem, full of leak sites, “as-a-service” models, lucrative attack vectors such as business email compromise (BEC), and an expanding global footprint that costs organisations more and more every year.

If there was a cybercrime hall of infamy, its halls would be lined with the names and faces of these noted attacks and attackers whose “groundbreaking” work caught both the eye of federal investigators and the envy of fellow hackers.

Cybercrime History

1962: The modern history of cybercrime began when Allan Scherr launched a cyber attack against the MIT computer networks, stealing passwords from their database via punch card.

1971: The first computer virus was created for research purposes by Bob Thomas at BBN Technologies. Referred to as the Creeper Virus, the self-replicating program was detected on the ARPANET in 1971 and foretold the potential of future viruses to cause significant damage to computer systems.

1981: Ian Murphy became the first person ever to be convicted for committing a cybercrime after successfully hacking into AT&T’s internal systems and changing their computers’ clocks, causing havoc.

1988: The first major cyber attack on the internet came courtesy of Cornell grad student Robert Morris. The “Morris Worm” struck in the year before the World Wide Web debuted, back when the internet was primarily the domain of academic researchers. It infected computer systems at Stanford, Princeton, Johns Hopkins, NASA, Lawrence Livermore Labs, and UC Berkeley, amongst other institutions.

1989: Ransomware made its first appearance. This first strain of ransomware, the AIDS Trojan, was easy to remove, rendering it ineffective. Unlike the ransomware of today, this one appeared on floppy disks, with the cybercriminal handing out 20,000 infected disks to attendees of the World Health Organization’s AIDS conference.

The 1990s: New Technology Brings New Crime

The decade of the ‘90s gave rise to some of the greatest communication technologies and changes known to mankind, with the Internet connecting people across different communication networks wherever they were, all over the world.

But it wasn’t all good news. Cybercrime grew in strength thanks to these advancements. Hackers and bad actors leveraged the fact that, as these new technologies were developed and built, trust and safety controls weren’t initially a major concern.

Cyber security was a term yet to be coined, let alone an active field, so creating ground-breaking applications for communications and business efficiency was the principal focus of these years.

Nevertheless, an underground economy was slowly growing in strength, as viruses started to take hold.

AOL, the leading Internet provider of the decade, unwittingly became an attack vector itself, as cyber criminals would steal user credentials, launch phishing attacks, and spam other AOL users through instant messenger or email.

Escalating rates of cybercrime signalled that attackers were enjoying fresh opportunities, and devising new means to gain unauthorised access to systems and manipulate data across the web.

Some of the Most Notable Cybercrimes of the 20th Century

1994: Datastream Cowboy and Kuji — a 16-year-old British schoolboy and his accomplice — used a “password sniffer” program to launch a series of attacks that crippled the Air Force’s Rome Laboratory, while stealing research data used as attack instructions for warplanes in battle.

1995: Vladimir Levin was the first known hacker to attempt to rob a bank — and a very big bank at that. He hacked into Citibank’s network and conducted many fraudulent transactions. All told, he transferred more than 10 million dollars into various bank accounts worldwide.

1995: Kevin Mitnick, one of history’s most notorious hackers, became the first person to penetrate large networks by manipulating people and using insiders to get the codes to access Motorola and Nokia, amongst others.

1998: Max Butler, a security consultant for the FBI amongst others, hacked into US government websites under false pretences. The US Air Force alerted officials to his misdeeds, and he received an 18-month sentence. Later, for another illicit foray, he was sentenced to 13 years, a record for a hacker.

1999: Computer viruses were relatively unknown by the general public until the Melissa Virus struck in March 1999. Spread through a document uploaded online that promised access to adult videos, the virus would take over individuals’ Microsoft Word applications, then jump to their Microsoft Outlook, and self-propagate by sending itself to various email accounts. It caused an estimated $80 million in damages and was one of the first major viruses that expanded beyond AOL.

Cybercrime Ramps Up In The New Millennium

The first decade of the new millennium saw more sophisticated attacks and an abundance of advanced persistent threat actors (APTs), most of which were sponsored by nation-states. The evolution of cybercrime meant new viruses and worms, which caused significant damage to critical sectors of the global, digital economy.

By decade’s end, cyber security was a concern to computer users everywhere, but especially to government agencies and large corporations who had the most at stake.

Notable Cybercrimes of the Decade:

2000: A 15-year-old hacker named Michael Calce, who went by the online handle “Mafiaboy”, launched a series of Distributed Denial of Service (DDoS) attacks on some of the largest commercial websites in the world, sites like Amazon, Yahoo, CNN, and eBay. The attack brought the sites down for hours in some cases and cost these businesses untold millions.

2000: Another major phishing attack occurred with the ILOVEYOU virus. Sometimes called the LOVEBUG or Love Letter virus, this worm infected over 10 million endpoints across the world. It spread as a spam email, accidentally opened by users, which allowed the worm to gain access to the entire operating system due to a flaw in Windows. It’s estimated that this single attack, which originated with an amateur hacker in the Philippines, caused billions in damages around the globe.

2005: A security breach at a U.S. retailer led to the data leak of 1.4 million HSBC Bank MasterCard users.

2006: The first ransomware strain to use advanced RSA encryption, named Archievus, appears. RSA encryption, or public-key encryption, is now the default for most ransomware attacks.

2008: In one of the largest breaches ever, Heartland Payment Systems was attacked using a combination of SQL injection, password sniffers, and malware, compromising the data of 134 million users.

2010s: An Explosion of Cyber Attacks

The subsequent decade 2010-2020 saw an explosion in cybercrime, turning what was once a cottage industry into a big, global business. Attackers developed new malicious programs and techniques, which increased both the cybercrime rate and the number of attacks per day. Trillions of dollars were lost.

The decade also saw the rise of ransomware, as digital currencies like Bitcoin, the digitising of organisations, and the proliferation of mobile devices, new operating systems, and the dark web, gave threat actors new avenues and resources for attacks.

Cybercrime wasn’t the only industry that saw huge growth. Organisations began employing more cyber security professionals to counter the risk of cyber threats as the sense of assumed digital security dissipated.

And, due to the demand for constant data security, a new field emerged known as ethical hacking, whose sole purpose is to discover vulnerabilities prior to malicious exploitation. The evolution and increased sophistication of different types of cyber threats, and how they’re leveraged in attacks, put organisations in precarious positions when it comes to defending against them. Here are the most damaging attacks from the previous decade:

2010: The Stuxnet worm, called the world’s first “digital weapon”, attacked nuclear plants in Iran, sabotaging the country’s uranium enrichment facilities.

2010: The Zeus Trojan virus was distributed around the world via email in an attack targeting financial services organisations. The 100-plus-person crime ring, based largely in the US, managed to steal more than $70 million from American banks.

2010: In a notorious nation-state attack, Operation Aurora was launched by Chinese military hackers on more than 20 leading technology companies. The public was first made aware of the attacks when Google announced that its intellectual property had been seized in the attack.

2011: Sony Corporation announced in April that, over the course of a few days, hackers stole information from 77 million users of its PlayStation Network. This included gamers’ usernames and passwords, their birthdates, answers to security questions, and more. It took 23 days to recover the system and remediate the threat.

2013: In perhaps the largest high-profile data leak of all time, whistleblower Edward Snowden revealed sensitive information stolen from several foreign governments with spyware software as part of the National Security Agency’s PRISM surveillance program.

2013: Over 110 million Target customers had their credit card records stolen in a phishing attack. The scheme involved a malware-laden email to the company’s HVAC subcontractor, allowing the cybercriminals to gain access credentials to the data.

2013: A researcher discovered that Finnish telecommunications company Nokia was essentially conducting man-in-the-middle attacks on its smartphone users by sending HTTPS traffic through its servers and decrypting data. The company said it did so to help compress data and keep rates and charges reduced.

2013: CryptoLocker, the first ransomware to be spread by botnet and social engineering, shows both threat actors and the cybersecurity world how easily ransomware could spread and take over a system.

2013: In a now infamous and often referenced data breach, the information of 38 million Adobe users, including credit card information for three million of them, was leaked online.

2014: Celebgate occurs, as nude and intimate photos of celebrities are taken from hacked iCloud accounts and leaked online. This hack placed new attention on password hygiene and mobile device security.

2015: The first strains of SamSam ransomware appeared, which by 2018 had earned its creator nearly $6 million USD. Amongst its highest-profile “hostage-taking” strikes were the City of Atlanta and the Colorado Department of Transportation.

2015: A successful spear phishing attack against high-value US Defense Department targets with customised emails led to a data breach of information for 4,000 military and civilian personnel who worked for the Joint Chiefs of Staff. The attack forced the Pentagon to shut down its email system.

2015: A cybercrime group known as Impact Team leaks the internal database of Ashley Madison, a dating site frequented by those looking to have an extramarital affair. The group initially held the data for ransom, demanding the site be shut down, and after Ashley Madison resisted, the database was released. The breach brought to light the importance of data security, specifically around user data, as the site had archived and kept the personal information of past users, including credit card information and legal names.

2016: TeleCrypt ransomware appeared and targeted gamers, who downloaded it while playing games online. Luckily, a free decrypt tool was quickly created by researchers at Malwarebytes.

2016: Petya becomes the first ransomware variant to overwrite the master-boot record and encrypt the master file table within a system, locking victims out of the entire hard drive faster.

2016: The Austrian aerospace firm, FACC AG, was defrauded of 50 million Euros in a spear-phishing scheme that tricked a finance employee into transferring the money into bank accounts controlled by the cybercriminals. As a result, the company’s CEO was fired.

2017: Perhaps the most insidious of all ransomware strains, WannaCry, managed to affect more than 200,000 Windows computers in 150 countries. It was especially dangerous, and deadly, as the UK’s National Health Service Hospitals were amongst the most devastated. It is widely assumed hackers in North Korea were behind the attack.

2017: Just a month later, piggybacking on the success of WannaCry was NotPetya, an updated version of the earlier ransomware strain. It took out organisations from shipping giant Maersk to multinational pharmaceutical manufacturer Merck.

2017: A Lithuanian cybercriminal posed as an Asian manufacturer to deceive Google and Facebook employees into wiring over $100 million to untraceable offshore bank accounts. The attack occurred two years before his capture. For their part, Google claimed to have recouped the funds it had lost.

2018: In the biggest DDoS inundation to date, GitHub, a popular developer platform, experienced traffic of 1.3 terabytes per second, which halted all operations on its server. GitHub had security measures in place, far more than most organisations, but was simply overwhelmed by the sheer size of the attack.

2018: Perhaps the most noteworthy of all cryptojacking attacks in this decade was Coinhive, a popular cryptocurrency mining service that, for a time, was considered by leading security firms as the top malicious threat to web users. Its computer code could be used on hacked websites to steal the processing power of that site’s visitors’ devices. For 15 long months, cyber criminals used the malicious program to infect millions of devices.

2019: Capital One fell victim to one of the largest data breaches in banking history when over 100 million credit card applications were accessed and thousands of Social Security and bank account numbers were taken. Capital One spent around $150M mitigating damages.

2020 to Today: $Billions Stolen

If the 2010s were the decade where cybercrime was finding its footing, the 2020s have seen the ecosystem grow more sophisticated in new ways.

There have been two colliding forces this decade: One is an overall rise in cybercrime driven by technological advances as well as socio-economic forces particularly in Eastern Europe and Asia, and the other is the rapid digitisation of organisations who are turning to the cloud, individual endpoints, and global expansion, but are doing so faster than their cyber security measures can keep up.

The Results

  • Cybercrime is now a 1.5 trillion-dollar business. 
  • Cybercrime is the number one global business risk.
  • The average cost of a data breach is now $4.45m. 
  • 82% of breaches involve the cloud. 
  • Cyber criminals are frequently targeting healthcare, which is now the top attacked industry.
  • Phishing and compromised credentials are the top two attack vectors.
  • Ransomware made up 24% of attacks in 2023.

It has become clear that cybercrime has evolved rapidly, and while advances in cybersecurity continue to happen, it’s a constant battle between overworked, understaffed security departments and threat actors.

The top attacks of recent years show just how nefarious and damaging cybercrime has become.

2020: Neiman Marcus notified 4.6 million customers that a hacker had compromised online accounts in May 2020, gaining access to personal data such as usernames and passwords, customer names, contact information, credit card numbers, as well as expiration dates and virtual card numbers.

2020: Russian cyber attacks on US governmental institutions have been on the rise and, in one of the most catastrophic data breaches during all of 2020, foreign intelligence operatives took advantage of a compromised SolarWinds program and invaded an estimated 18,000 private and government-affiliated networks. These data breaches granted attackers access to an abundance of identifiable information, including financial information, source code, passwords, and usernames.

2021: In early May, a suspected Russian hacking group took Colonial Pipeline offline for more than three days in an attack that made ransomware a household word. As Colonial provides 45% of the East Coast’s supply of gasoline, diesel fuel, and jet fuel, this was a major blow. Gas prices spiked across the country, some gas stations ran out of fuel, over-the-road deliveries were delayed, and there were even reports of gasoline hoarding.

2021: The infamous REvil collective hit Florida-based software provider Kaseya with a ransomware attack, demanding $70 million in bitcoin. This attack impacted businesses across five continents, including shutting down public schools in New Zealand, closing a major grocery chain in Sweden, and disrupting operations for hundreds of businesses across the US.

2021: 2021 closed out with the revelation of a zero-day threat that created massive waves in the cybersecurity industry, when security researchers published a proof-of-concept critical exploit for a remote code execution (RCE) vulnerability in Log4j, a Java logging library used in a significant number of internet applications. In the weeks following, businesses worldwide worked frantically to identify and mitigate the impact of the exploit, while security pros and experts released patches and scanning tools, and guided organisations on how to best protect themselves from attack.

2022: In one of the more frightening displays of cybercriminals’ willingness to endanger the lives and livelihoods of strangers, the agency that administers Social Security for Costa Rica was shut down by a late May ransomware attack, an attack which spread to other offices in the country and caused a state of emergency.

2022: A mid-September hack yielded a striking amount of material from a titan of the gaming industry. The hotly anticipated release of Rockstar Games’ Grand Theft Auto 6 was thrown into disarray when a hacker known as “teapotuberhacker” breached Rockstar’s internal Slack channel and purloined 90 videos of work-in-progress gameplay. But this hacker wasn’t done.

In an extremely similar Slack attack, teapotuberhacker lived up to their screen name on September 14 when they hacked Uber. The international ride-share company was breached even more deeply than Rockstar, with the hacker gaining “pretty much full access to Uber,” including email systems, internal communications, cloud storage, and code repositories.

2023: Popular genetic testing and sharing site 23andMe fell victim to a credential stuffing attack which exposed the personally identifiable data (PII) of 6.9 million users. The initial data leak on the dark web showed threat actors offered to sell data profiles in bulk for $1-$10 per 23andMe account, depending on how many were purchased.

2023: Sony found themselves breached again, this time by ransomware gang Rhysida, who attacked their subsidiary, Insomniac Games. The ransomware group, after asking for an initial ransom of $2 million USD, released 1.3 million files onto the dark web. This data included both in-development materials for upcoming games and employee information.

2023: LockBit, a highly active ransomware group, was able to breach health insurance group MCNA Dental, exfiltrating 700GB of data and holding it for a $10 million USD ransom. LockBit ultimately published the exfiltrated data on the dark web, which contained PII for 8.9 million individuals.

2023: Social engineering was behind this breach of MGM Resorts systems, which cost the casino giant $100 million in lost bookings plus $10 million due to breach clean-up. Ransomware gang Scattered Spider was behind the attack.

Current Cybercrime

Today, we have more to contend with than worms. We have viruses that have the power to damage or delete hardware, software or files; Trojans that can steal data; spyware that invades users’ privacy by monitoring websites and gathering sensitive information such as passwords and financial details; and ransomware capable of holding data hostage and demanding payment in exchange for reinstating access.

Unauthorised access and DDoS (Distributed Denial of Service) attacks, where computers or network services are overwhelmed by internet traffic and rendered unavailable, are also major cybercrime issues.

Despite the best efforts of worldwide cybercrime agencies, including the UK National Crime Agency (NCA), cyber criminals are still finding ways to launch attacks and carry out their unscrupulous activities, often costing businesses hundreds of thousands of pounds and putting millions of people at risk in the process.

The Future of Cybercrime

According to some estimates the global cost of cybercrime is expected to surge in the next four years, rising from $9.22 trillion in 2024 to over 20 trillion by 2028.

Cloud computing will become an increasing target for hackers. It also looks like passwords aren’t going anywhere even though there has been talk of alternatives that are less of a risk and more effective in securing systems.

AI tech is also expected to continue its incredible growth and become a key component in cyber security, especially in securing sensitive information like healthcare records.

Unfortunately, data breaches are expected to continue to increase.

This is unsettling to say the least, especially when considering the growing reliance on computer systems to store data. Some experts say that not only will the breaches be more prevalent, they will be more devastating.

From viruses on floppy disks to highly organised ransomware gangs evading law enforcement and stealing millions of dollars, cybercrime has come a long way.

The same advanced technology used for cyber security, including machine-learning and AI tools, is employed by today’s cybercriminals, too. So, staying one step ahead of them is an ongoing challenge.

While we don’t know what the future holds, some trends of 2023 and 2024, including the continued rise of business email compromise (BEC), which accounted for 29.7% of the total incidents, the takedown of ransomware-as-a-service (RaaS) gangs like LockBit, and the explosion of vulnerabilities and identity attacks, show that the cybercrime landscape is in for more volatility.


