Hacking Before Mainstream Adoption of the Internet
Over the past 50 years, we have seen an exponential increase in the use of digital products.
This growth prompted a rise in touchpoints where hackers can potentially gain access to private information- affecting individuals and corporations alike. Yet, where did the need for IT security arise and what types of attacks were hackers using before the internet exploded in popularity?
Before the adoption of computers, hackers found a way to exploit existing telecoms networks. Colloquially referred to as ‘phreaking’, hackers would break into a network and exploit any weak links, thus, allowing them to make free phone calls and tap phone lines. The pioneer of phreaking was American computer engineer John Draper. Draper discovered that by sending a 2600hz tone down the phone line he could trick the in-band signalling. Further adding to the story, Draper somehow found that the toy whistle found in Cap’n Crunch cereal produced this tone. From this accidental discovery, Draper was given the nickname Captain Crunch.
Captain Crunch later taught a young Steve Jobs and Steve Wozniak about his discovery. Who together created the first digital phreaking device- the Blue Box. Blue Boxes worked by producing the necessary tones that trick the providers. The two started selling these Blue Boxes to friends and family, who too started calling for free. However, they did not last long, as the pair were almost apprehended by police and stalled production. Since then, blue-boxes have become obsolete as network providers no longer use in-band signalling.
The first official computer virus -Elk Cloner- was created in the 80’s. Unlike today’s viruses, Elk Cloner needed a person to physically carry the virus from computer to computer via floppy disk. It was masterminded by 9th grader Richard Skrenta, who found that if he left virus ‘residue’ on an operating system he could create errors within an inserted floppy disk without touching the disk itself. Prior to this, viruses could only spread if the direct disk had been tampered with. Elk Cloner caused subtle errors with the disk until the 50th insert where the following poem would show up:
Elk Cloner: The program with a personality
It will get on all your disks
It will infiltrate your chips
Yes, it’s Cloner!
It will stick to you like glue
It will modify RAM too
Send in the Cloner!”
Elk Cloner spread through one operating system that infected a clean disk. When the infected disk was then placed into a clean computer the computer would also become infected. This cycle continued further. While the original Elk Cloner did no serious damage to computers, it has since evolved into a destructive virus that can cause serious harm.
During the 1990’s computer viruses began to grow in volume. However, so did public awareness of them, thus, causing hackers and fraudsters to adjust their strategies. No longer were individuals being attacked from just faulty floppy disks, they were also being attacked by early phishing tactics. The most notable early phishing hack was AOHell, which was designed to hack AOL users by allowing the hacker to pose as an employee and asking them to ‘verify their account’ or ‘confirm billing information’. Once this information was given up, the hacker could steal from the target. This became so prevalent on AOL servers that AOL added a line on all instant messages, stating ‘No AOL employee will ask you for your billing information or your password’.
During the 21st Century cybercrime has further evolved into a very complex matter. If you’re worried your firm is at risk, it’s likely that it is. Reach out to access your risk and see how we can prevent cybercrime within your organization.
Secure Sense is the security provider that cares. We are a team of experts with a passion for IT and protecting your organization is what motivates us daily. If you have questions, want to learn more about our services or just want to chat security please give us a shout. If you’re looking to guest blog, please send an email here.
You can also find us on Twitter, Facebook, LinkedIn.
With only 14 days until Camp, 2 more days to register and a few spots open for InfoSec leaders, we encourage you to register today.