Americans are required to take history classes throughout primary, secondary, and higher education. Why is that? Well, not only do we develop an understanding of how we came to be here today, but we also learn about key moments and the repercussions that follow. We learn about history so we know how to act in the future.
George Santayana said, “Those who cannot remember the past are condemned to repeat it.” If we don’t learn about past wars and conflicts, we would likely make some of the same mistakes that our ancestors made. This concept can be applied to cybersecurity. Though the prevalence of technology only dates back a few decades, it is still crucial to analyze its implications over time.
The first computer virus the world ever saw on a large scale was the “Creeper” developed in the early 1970s. It infected many computers before the first antivirus, “Reaper”, was created to combat it. This was a retroactive program made in response to the cyber-attack.
Not even two decades later, the first computer worm made its way through holes in digital security systems. Malware, like viruses and worms, have evolved with technology. They are now more complex, but also more frequent. Technology is readily available to the majority of the public. This means that even high schoolers have the potential to make malicious software.
Because of the increased dependence on technology, at home and in the workplace, hacking is becoming more and more attractive. Sensitive information, e.g. credit card numbers and social security numbers, are stored in online data houses. People seeking attention or carrying out get-rich-quick schemes try their hand at insidious software development in an attempt to access this data.
For example, $2 billion worth of Boeing’s aerospace documents were compromised when it was discovered that Greg Chung had been stealing sensitive material for over 30 years. To make matters worse, he delivered (likely sold) the material to China. Giving a foreign country access to American military and spacecraft intel is a threat to the country, not just Boeing.
On the consumer side, mega-corporations like eBay, Yahoo, and Target suffered massive data breaches. These cyber-attacks affected millions of Americans, releasing their sensitive personal information. The companies had to pay millions in fees and damages to those affected.
Their actions and consequences provide key examples of what to do, and what NOT to do, in a cyber crisis. For example, Yahoo didn’t publicly admit to having endured a data breach for years, resulting in an even harsher punishment and media coverage.
This already seems like a large enough headache to handle for business owners and consumers alike, but it gets worse. The American
federal government is also not immune to cybercrime.
This was demonstrated when Edward Snowden leaked classified information from the National Security Agency in 2013. The whole country was divided by controversy in trying to determine what to make of Snowden’s actions. Many people lost faith in the government and the security that they thought it could provide.
These events, and more, have contributed to scores of cybersecurity programs that are in place today. Chief Information Security Officers (CISOs) and even information technology (IT) professionals have worked to develop systems that proactively protect their businesses, including their employees and customers.
Once a cyber-attack occurs, all cleansing actions are retroactive. The damage is done and companies are working in a stop-loss fashion. To combat these scenarios, proactive efforts to create training programs and preventative software are crucial when it comes to cybersecurity.
The cybercrimes described above, and more, can be studied to see what went wrong and how to remedy that going forward. Just like economists or political figures analyze past events to determine their course of action, CISOs use the past to figure out the present and future of cybersecurity.
In fact, they can look to 8 turning point events that have affected cybersecurity forever. Details are outlined in the visual below.