The History of Cyber Security 1970-1986

The History of Cyber Security 1970-1986

The wild 70s and 80s - Honeywell and ARPA, Kevin Mitnick, Trojans, Cold War, Markus Hess  

We left off our little excursion into the history of cyber security with the story of Creeper and Reaper. As a refresher Creeper was a program written by Bob Thomas that moved through the ARPANET and left a small message wherever it appeared. Reaper was a programmed specifically to hunt for Creeper. So if you will the first computer virus and the first antivirus program.  

All this happened in the early 1970s. But what happened next?  

You have to know that telephones were the main communication channel at that time. Phearking, which emerged in the 1950s, had shown how easy it could be to break into a system and exploit vulnerabilities. As companies increasingly used the telephone to build remote networks, they began to eliminate vulnerabilities, because any hardware that was connected was a potential gateway and had to be defended accordingly. Also the dependence on computers and the general networking increased, so that the topic security was discussed clearly more starting from the year 1972 and, particularly, academics demanded to deal with these topics. Even then, many recognized the devastating consequences that could result from the loss of data.  

Thus, the U.S. Air Force, together with ESD and ARPA, set out to establish computer security. Working with other organizations, they succeeded in creating a design for a security core for the Honeywell Multics. Multics is an acronym for Multiplexed Information and Computing Service and is the operating system in mainframe computers. The development was funded by ARPA, Defense Advanced Research Projects Agency, an agency within the United States Department of Defense. And Honeywell was the first commercial success of Multics. Within ARPA, Protection Analysis was already investigating the security of systems and additionally developing automatable techniques to detect vulnerabilities within software.  

Towards the end of the "wild decade", the then 16-year-old Kevin Mitnick entered the big stage in cyber space. The California native, who is said to have hacked the U.S. Department of Defense network over a hundred times and the NSA a few times in his career as a hacker, hacked The Ark. The Ark was a computer manufactured by Digital Equipment Corporation. This computer was used to develop operating systems. Mitchnik made copies of the program. Mitnick, who, as mentioned above, made a more or less considerable career as a hacker, was arrested for his crimes and sentenced to prison. In the meantime, Kevin Mitnick has turned away from hacking and is working as an independent consultant.  

After the wild '70s came the '80s: this decade saw the accumulation of what Mitnick and the Roscoe Gang, where Mitnick was a member under his alias "Condor," had already begun - hacker attacks. The targets got bigger, National CSS, the Los Alamos National Laboratory, and AT&T, too, and so did the spoils. The 1980s were all about computers, with increased robots, computers but also viruses appearing on many screens in movies and series. Then, in 1983, the terms computer virus and Trojan horse also found their way into many people's linguistic duct. Furthermore, the Cold War was the dominant theme in the 80s.  

In these times, espionage, especially in cyberspace, became a major and serious threat. It even went so far that the United States Department of Defense published the Orange Book in 1985. The Orange Book specified the criteria that had to be met in order to classify a computer system as trustworthy. These criteria were as follows:  

  • First, the trustworthiness of the software had to be evaluated and whether it was capable of processing sensitive and classified information 
  • Which security measures had to be built in ex works by the manufacturer  

In the 1980s, the Internet replaced the ARPANET, which had previously dominated, and became a haven of danger from the very beginning. However, the ARPANET still remained in use. And despite the guideline set up by the US Department of Defense, a German succeeded in holding a mirror up to the USA. In 1986, Markus Hess gained access to the ARPANET via an Internet connection in Berkeley, California. He successfully attacked around 400 military computers, including mainframes located in the Pentagon. Hess wanted to sell the stolen information to the KGB.  

Security became the dominant issue, experienced users learned quickly. They learned to monitor their memory - the sudden loss or rather reduction of memory is still a sign of an attack.  

All this step by step laid the path to what became cyber security. Next week we will look at the proper birth of Cyber Security and other topics. For that, follow our blog and social media channels. Do you have any questions about this article or about QUANTUM cyber lab AG products and services? Then please do not hesitate and contact us, our team will be happy to take the time to answer your questions and advise you in detail.  

Contact us now