A BRIEF HISTORY OF MALICIOUS THREATS

In the early days of computing, were mostly showing The first ever reference to malicious hacking is 'telephone hackers' in MIT's off their skills for amusement or student newspaper. The Tech of hackers tying up the lines with Harvard, configuring notoriety. This started with 1963 the PDP-1 to make free calls, war dialing “phone ” to make free and accumulating large phone bills. long distance calls. John T. Draper (aka. Captain Crunch), his friend Joe Engressia, and blue box phone phreaking hit the news with an Esquire Magazine feature story. 1971

Kevin Mitnick breaks into his first major computer system, the Ark, the computer system Digital Equipment Corporation This advanced into botnets, (DEC) used for developing their RSTS/E viruses and worms. Infections 1979 operating system software. increased dramatically, though hackers were mostly being forms in Germany. Ian Murphy aka Captain destructive and weren’t profiting Zap, was the first cracker to be tried and convicted as a felon. Murphy from their efforts. broke into AT&T's computers in 1981 1981 and changed the internal clocks that metered billing rates. The movie WarGames introduces the wider public to the phenomenon of hacking and creates a degree of mass paranoia of hackers and their supposed abilities to bring the world to a screech- ing halt by launching nuclear ICBMs. 1983 The U.S. House of Representatives AV is created to combat these begins hearings on threats. hacking.

Cult of the Dead Cow forms in Lubbock, Texas, and begins publishing its ezine The magazine 2600 begins regular publication. 1984

Cybercriminals begin bypassing Arrest of a hacker who calls himself The Mentor. He published a now-famous AV software. treatise shortly after his arrest that came 1986 to be known as the Hacker's Manifesto.

Bulgarian virus writer wrote 1260, the first known use of polymorphic code, used to circumvent the type of pat- Security software and Firewalls tern recognition used by antivirus software, and nowadays also intrusion detection 1992 becomes more advanced. systems. Hackers bypass AV software with more advanced threats. The first DEF CON hacking conference 1993 takes place in Las Vegas.

Hackers adapt to emergence of the World Wide Web quickly, moving all their how-to information and hacking is born – Hackers programs from the old BBSs to new begin breaking into networks hacker web sites. 1994 and stealing valuable data for profit. Hackers alter Web sites of the United States Department of Justice (August), the CIA (October), and the U.S. Air 1996 Force (December). www.

First high-profile attacks on 's Theft of personal data Windows NT operating system. 1997 skyrockets cybercrime into a multi-billion dollar industry. March: The worm is released and quickly becomes the most costly outbreak to date. July: releases 2000 at DEF CON. 1999 August: , sentenced to 5 years in prison, including 8 months solitary confinement.

May: The ILOVEYOU worm, also known as VBS/Loveletter and Love Bug worm, is a written Security Software and in VBScript. It infected millions of computers worldwide within a few hours 2000 Hardware is no longer enough of its release. It is considered to be one to protect computers and of the most damaging worms ever. networks. MSSP’s emerge to Microsoft becomes the prominent victim of a new type of hack that attacks thwart the endless variety of the domain name server. In these denial-of-service attacks, the DNS attacks. 2001 paths that take users to Microsoft's websites are corrupted.

June: FBI Operation Bot Roast finds over 1 million botnet victims. A spear phishing incident at the Office of the Secretary of Defense steals SIEM combined with teams of sensitive U.S. defense information, lead- ing to significant changes in identity and 2007 trained security specialists message-source verification at OSD. become necessary. April: Conficker worm infiltrated millions of PCs worldwide including many government-level top-security computer 2009 networks.

The Lulz Security is formed. Advanced Threat Intelligence is April: An "external intrusion" sends the PlayStation Network offline, and utilized – constantly updating compromises personally identifying information of its 77 million accounts, 2011 with information on threats from in what is claimed to be one of the around the globe. five largest data breaches ever.

The social networking website Tumblr is attacked by hackers. Consequently, 65,469,298 unique emails and passwords 2013 were leaked from Tumblr.

June: the records of 21.5 million people, Security Event Management including social security numbers, dates of birth, addresses, fingerprints, and securi- and Correlation – networks are ty-clearance-related information, are stolen monitored for behavioral from the United States Office of Personnel Management. 2015 July: The servers of extramaritial affairs anomalies. website Ashley Madison were breached.

July: WikiLeaks published the documents from the 2016 Democratic National Commit- tee email leak. October: The Dyn cyberattack is being conducted with a botnet consisting of IOTs 2016 infected with by the hacktivist groups SpainSquad, , and New World Hackers. May: WannaCry attack started on Friday, 12 May 2017, and has Security teams investigate been described as unprecedented in scale, infecting more than 230,000 computers in these threats and determine a over 150 countries course for remediation. June: cyberattack 2017 May–July: The Equifax breach September: breach

June: Lazy FP State Restore, a speculative execution exploit affecting Intel Core CPUs, 2018 is announced by Intel.