The History of Hacking and Evolution of Hacking
Ashwin HarishP
Red Teaming | Bug Hunter | Pentester | CTF Player | Researcher | IEEE Member | Full Stack Developer
Overview
Whether you like it or not, the internet was built by hackers. These were people who saw computers that were still the size of a room and decided that they could make them do something cool. That’s why the history of hacking includes people tinkering with, improving, and providing open access to their findings.
Continue reading to discover how hacking has evolved from accessing telephone lines for free long-distance calls, the different types of hacking, and the future of hacking.
What Is the Definition of Hacking?
Generally, hacking refers to unauthorized intrusion into a network or an individual computer. In addition, rather than just accessing these networks, hacking usually includes altering systems or security features to accomplish a goal different from the original purpose of the system.
Non-Malicious Hacking
Hacking didn’t start as a way to encrypt the files of individuals and businesses for ransom.
In fact, hackers originally referred to students attending the Massachusetts Institute of Technology during the 50s and 60s who created an elegant solution to a problem or practical jokes, such as when a replica of a campus police car was put on top of the school’s Great Dome.
Over time, that image and definition has morphed and now the image of a hacker is someone trying to exploit individuals or companies or those who steal personal and financial information and sell it on the dark web for a profit.
What are the Types of Hackers?
There are three types of hackers:
The History of Hacking – The First Hackers
The first hackers weren’t out to lock someone’s personal files and data for a profit. Instead, these hackers were trying to game the system or exploit weaknesses large corporations didn’t know they had.
More often than not, they were simply looking for a thrill of doing something that they weren’t supposed and tinkering with new ways and processes of doing something, similar to the MIT students.
1957 – The Phone Phreaks
In 1957, a blind man with perfect pitch, Joe Engressia, found that if he whistled the fourth E above middle C, he could stop a dialed phone recording. A few years later, after meeting Engressia, John Draper realized that a toy whistle distributed in Captain Crunch cereal boxes could make the same pitch and others that gained access to the phone system.
Their findings started a small, underground club called the Phone Phreaks, and soon they needed to find a better tool to make the sounds. This is when Draper invented the blue box, an electronic device that could make a specific set of tones that matched the tones of the phone company used to direct calls.
By using this tool Phone Phreaks could make calls all around the world and access areas of the phone system previously only available to the phone company. Soon, their technology spread around the world and they held conference calls deep inside the phone system where they could talk to others with the same interest.
This was like a precursor to chat rooms and forums, such as Reddit and Quora, and even to an extent the dark web.
In 1971, Ron Rosenbaum published an article in Esquire depicting the entire process and names. Once the article was published, many more people around the country tried gaming the system in the same way and caused a backlash to the Phone Phreaks. Soon, possession of a Blue Box could get you two years in jail.
A year later, Captain Crunch was indicted and served four months in jail.
1972 – Steve Wozniak
Inspired by the Esquire article, Steve Wozniak was so enthused that he tried creating his own blue box. He searched out John Draper and invited him to his dorm in Berkeley to show him how to use it.
After long discussions and lessons, Wozniak and his friend Steve Jobs drove back to Jobs’ house, but their car broke down. They tried using the blue box to call a friend to come pick them up when a police cruiser arrived and two cops got out and nearly arrested the duo.
1975 – Homebrew Computer Club
One of the first computer hobbyist’s clubs, the Homebrew Computer Club first convened in a garage in what is now Silicon Valley. Quickly, membership grew from 32 members on March 5, 1975 to 240 within a couple months. Two years later, they had more than 1,500 on its mailing list.
The group focused on complete and open sharing of information, which is why many real “engineers” didn’t join because they didn’t have permission to do what had never been done before. These hackers set out to build their own computers, but without any practical reasons.
Instead, they built computers for the enjoyment and the challenge. Their computers could play games and music, created graphics and drawing programs. This directly led to Steve Wozniak building his perfect computer, the Apple I, which was quickly followed by the Apple II.
These ‘hackers’ used whatever hardware and software regardless of where it came from, including from a recently formed company by Bill Gates and Paul Allen called Micro-Soft. In fact, they sent a letter to the club threatening legal action if they didn’t stop using their software.
The History of Hacking – The 1980s and 90s
As computers and technology entered the 80s and 90s, the history of hacking entered a new phase, both from the side of the government and businesses and the side of the hackers. For instance, as the government and private businesses realized the potential for cybercrimes, they passed laws and began prosecuting hackers.
On the other side, most hackers were still just looking for a new thrill and to beat the system. Most of the major hacks during this time weren’t for financial gain (though some were prosecuted for lost time and productivity of businesses and employees). This was the early stages of hacking and computers, and people began choosing sides.
1986 – Computer Fraud and Abuse Act
As personal computers became more popular, the Federal Government faced growing concern about the lack of criminal laws to fight the emerging field of computer crimes. In order to close those loopholes, Congress passed the Computer Fraud and Abuse Act (CFAA) in 1986.
The law included language that criminalized computer-related acts, such as:
Updates to the CFAA
Over the years, Congress has updated the law to meet new challenges and sophistication of hackers, computers, the internet, and new viruses. In 2008, Congress made changes that included:
1988 – Kevin Mitnick
Without his own computer, Mitnik went to Radio Shack and hacked the computers and modems that were located in the store. Just like his idol, John Draper, he used social engineering and with some friends, bluffed their way past a guard into the headquarters of the telephone company and stole technical manuals at the age of 17. He was arrested and served a juvenile sentence.
In 1988, Mitnik hacked into computer giant DEC and copied details of secret software and was soon arrested and served a year in jail.
After his release, he hacked the passwords of investigators following him while he was on parole. This counted as breaking his parole and quickly a judge issued a warrant for his arrest. He spent the next two and a half years on the run and became at one point the FBIs #1 Most Wanted.
When he was finally arrested in 1995, he was held in county jail for four and a half years without a trial. In 1999, he was sentenced to five years in jail, though he had already served most of it and was released on supervised release in 2000.
领英推荐
1990 – Operation Sun Devil
On May 8, 1990, federal and state law-enforcement agents raided homes and businesses in 14 cities across the country and seized about 40 personal computers and 23,000 data disks. These raids generally took place in middle-class suburban neighborhoods and targeted credit card thieves and telephone abusers.
There were 27 search warrants executed that resulted in three arrests. However, it has been criticized as a failure by some because it led to a number of unsuccessful prosecutions and many of the raids didn’t lead to any arrests.
On the other hand, it was the first major publicized action by the federal government against hackers and sent a clear message to others. Plus, it did stop the illicit hacking of some of the best hackers in the world for a short time.
The History of Hacking – Hacking in the 2000s
As we entered the new millennium and the popularity of the internet exploded, computers became smaller, more prevalent, and businesses were more reliant on the technology than ever before.
Some hackers saw this is an opportunity to get rich. During the late 90s and the early 2000s, cybercrimes morphed from pranks that caused lost productivity to worms that affected nuclear facilities.
During this time, hacking officially entered a new age.
1999 – The Melissa Virus
Right before the year 2000, David L. Smith from New Jersey masked a virus as a simple Microsoft Word attachment to an email. Once the unsuspecting recipient downloaded the file, the virus replicated itself and sent out copies to the first 50 names in the victim’s contact list.
Some estimates claim that roughly 20% of the world’s computers were infected. However, no sensitive information was stolen, though many businesses were disrupted. Eventually, some businesses had to restrict internet access or shut down their email networks, including Microsoft, Intel, Lockheed Martin, and Lucent.
In the end, David L. Smith served 20 months behind bars and caused an estimated $80 million in damages in lost productivity.
2000 – Mafiaboy Takes Down the Web
15-year-old Michael Calce, better known as Mafiaboy, successfully took down CNN, Yahoo, Amazon, eBay, Dell, and eTrade because he wanted to impress other members of the online hacking community.
His hack, named “Project Rivolta”, used a DDoS attack that overwhelmed corporate servers and caused websites to crash. His ability to knock down these important sites (at the time Yahoo! was the most popular search engine and second most visited site) caught the eye of the President, the Attorney General, and made cybercrime legislation a top priority.
2010 – Stuxnet Worm
For roughly 17 months, a worm program less than 1 MB in size secretly took over the Siemens SCADA control systems at Iran’s nuclear refinement plants. Once there, the worm commanded that 5,000 of the 8,8000 uranium centrifuges to spin out of control, then suddenly stop and then resume, all while reporting that everything was normal.
This ruined thousands of uranium samples in secret and wasted thousands of hours of work and millions of dollars in uranium resources.
While no proof was ever given, many believe that the US was responsible for the attack.
Modern Hacks and Hacking
Though there are some gray hats, or those who straddle the line between black hat and white hat hacking, most hackers fall very clearly into one of the two categories. One of the main reasons is how much money can be made from illegal activities.
As you can see from the modern hacks listed below, many hacks now result in significant financial loss. And those data breeches that focus on personal information that don’t seem to cause any financial loss at the time, usually are used later for financial gain through stealing identities, phishing campaigns, or both.
2013 – International ATM Heist
In less than 12 hours, $45 million was stolen from ATMs located in 24 countries and on five continents. In New York City alone, a team of eight people made 2,904 illegal ATM withdrawals, stealing about $2.4 million.
How did they get access to all this money?
Hackers infiltrated a credit card processing company through their payment processing, which are usually less secure than going straight to the issuing companies or banks themselves. Once they had access, the hackers eliminated the withdrawal limits on prepaid Visa and Mastercard debit cards.
After the hackers gained access to a dozen account numbers, they sent the pin numbers to field operatives located around the world withdrew money. Because they were prepaid debit cards and not individual accounts, it took longer for the financial institution to realize the fraud.
2014 – Russians Hack the White House
In an apparent retaliation of US sanctions against Russia for their invasion of Ukraine, according to US officials, the Russian government used hackers to access the unclassified system of the White House, including non-public details of the president’s schedule.
The FBI, Secret Service, and US intelligence agencies said they considered the attacks among the most sophisticated ever launched against US government systems and the hackers routed the intrusion through computers around the world.
In order to get to the White House, the hackers initially broke into the State Department through a phishing email, showing once again that many sophisticated cyberattacks begin with human error.
2017 – WannaCry
According to US officials and many cyber security companies, the Lazarus Group, a cybercrime organization that may be connected to the North Korean government, released WannaCry in May of 2017. This ransomware worm encrypted a victim’s computer and demanded payment to recover files.
The attacks spread through a flaw in Microsoft Windows first discovered by the US National Security Agency, where it was stolen by hackers and posted by the Shadow Brokers, a group that regularly taunts the US government.
Some officials believe that as many as 200,000 computers in 150 different countries have been affected, including the UK’s health service.
The Future of Hacking
Unfortunately, the future of hacking will probably mirror the history of hacking to this point. That means that cybercriminals will stay ahead of cyber security and intelligence agencies by using new methods and more sophisticated attacks.
Some of the most important future threats include:
Most countries are concerned with state-sponsored attacks or hacktivism because of the lack of control and preventative measures available.
Plus, these types of attack can shut down different aspects of the country, such as the power grid or telecommunications. As the number of connected devices continues to grow, if the internet went down for a day, the entire system would be vulnerable.
White Hat Hacking in Today’s World
White hat hacking is very popular and HackerOne, of the companies that connect people who like to spend time searching for flaws in software with companies willing to pay for the bugs they find, had over 200,000 registered users. According to the company, about 12% of those earn $20,000 a year or more and roughly 3% earn more than $100,000.
These white hat hacker companies help large corporations such as GM, Microsoft, and Starbucks hire these freelancers. Often, freelancers provide a number of benefits, such as:
These hackers are one of the ways that hacking stays true to its root of finding better, more efficient ways of doing something, of tinkering with computers to find new functions, and of creating open access to information.
Computer Science Major | Aspiring Bug Bounty Hunter | Passionate about new technology and innovations
3 个月So helpful ??