Exactly 46 years ago tomorrow, on October 29th, 1969, the first bits of data were transmitted over a long distance between two computers … and the internet was born. While only the first two letters of the word ‘login’ made it to their intended destination, it was the beginning of something special that would impact billions of lives worldwide. European Cyber Security Month and International Internet Day present a great opportunity to remember how this global venture and its security have evolved.
The early days of the internet – a safe and quaint town
The internet has changed greatly since the late 60s. Just compare the first webpage ever with almost anything you see online today and you can see just how far we’ve come. And, that’s not to mention the fact that internet companies now provide jobs for millions around the planet. Pretty impressive, right?
"The World Wide Web (W3) is a wide-area hypermedia information retrieval initiative aiming to give universal access to a large universe of documents.
It isn’t only content that has made such a great leap forward. The threats to the internet have also evolved and so too cybersecurity. It’s a significantly more challenging and complicated space, demanding more and more attention and resources.
Imagine then, the internet at the beginning of its life. It was more of a safe, quaint town, where almost everybody knows everybody else by their first name. It was a calm time – even malware was less harmful back then.
For example, in 1971, the first computer worm, the Creeper, was written. It was innocent, an experimental self-replicating program that was not designed to be malicious. Instead, as it spread through the internet, all it would do was display a simple message: “I'm the creeper, catch me if you can!”
The first real threat to emerge on the web was the Morris Worm, which arrived in the late 80s. Distributed via the internet, it infected, by some conservative estimates, around 10 percent of all internet-connected computers (approximately 60,000 at the time). Damages were estimated by the US Court of Appeals to be as far ranging as $100,000 to £10 million (although there were some saying it ranged up to $98 million).
And it “earned” its author, Robert Tappan Morris, three years of probation, 400 hours of community service, and a fine of over $10,000. He was a still a graduate student.
Megalopolis and its villains
And then the big bang came. Between 1996 and 2008, the number of websites jumped from 100,000 to 162 million and the internet started to resemble a global super city, where billions of citizens live out their everyday lives amongst the new emerging dangers.
"Between 1996 and 2008, the number of websites jumped from 100,000 to 162 million and the internet started to resemble a global super city."
Unfortunately this legacy is alive and well today and not everyone is capable of detecting the difference between the safe boroughs and the dangerous dark alleys, as well as distinguishing the good guys from the bad.
Malware tactics have changed too and they have become truly aggressive. Currently, it is not uncommon to see malicious software extorting users for money, stealing credentials or trying to take over their devices. But that doesn’t satisfy malicious users, who are also actively orchestrating a different form of attacks.
Through direct contact with the user, and by applying social engineering techniques, cybercriminals are trying to dupe their victims into handing over sensitive information, such as credit cards details, passwords and even their online identities through phishing (via malicious emails) and fake websites (which are laden with malware).
Even more advanced is the so-called APT tactic (Advanced Persistent Threat), which tends to be extremely well organized and funded, stealthy in nature and strongly focused on compromising specific commercial or governmental targets. And its ultimate aim? To use social engineering and malware to exploit vulnerabilities in order to extract valuable data and establish long-term presence in a victim’s network.
From Reaper to a more complex security
So, have we learned our lessons? Today’s IT defenses are beefed up across the board, so even without detailed knowledge, the risks can be at least partially reduced right off the bat. Since the advent of first simple “antivirus” designed to defeat Creeper – fittingly named Reaper – security solutions have become exponentially more complex, offering a wide range of security services.
For example, today’s security software can offer a safer online experience by identifying malware just by the way it behaves. At the same time, it can safeguard users from spam, phishing or social engineering tricks pulled by malicious actors.
With booming internet payments and online banking, some of the solutions are also offering safer ways to do online transactions, casting a security net around the financial details being exchanged.
Even losing a smartphone or tablet doesn’t have to mean kissing your privacy and security goodbye. Some of today’s software offers to track down a missing device to where you left it, or even wipe its data remotely in case it gets stolen.
But first and foremost, the users need to start taking better care of their safety themselves. And the International Internet Day is a good opportunity to remind us all of some of the best practices to apply day-to-day.