Hacking through the years: a brief history of cyber crime
Image credit: Getty images, Rex features, Alamy
Cyber crime is often thought of as a type of modern warfare, but hacking practices have been around longer than you might expect.
Early telephone calls
In the early days of telephone calls operators were required to connect customers though switchboards. The first operators were teenage boys, the logical choice as they had operated the telegraph systems that came before. In practice they proved a bit too unruly and were more interested in getting to know how the system worked and playing practical jokes than in making proper connections. In 1878, two years after the telephone had been invented by Alexander Graham Bell, the Bell Telephone Company was forced to kick a group of teenage boys off the telephone system in New York for repeatedly and intentionally misdirecting and disconnecting customer calls. From then on the company chose to only employ female operatives.
The discovery of electromagnetic waves in the late 19th century paved the way for Guglielmo Marconi’s wireless telegraph and so the first true feat of hacking. In 1903, magician, inventor and wireless technology enthusiast Nevil Maskelyne disrupted John Ambrose Fleming’s first public demonstration of Marconi’s ‘secure’ wireless telegraphy technology by sending insulting Morse code messages discrediting the invention. In a letter to the Times newspaper, Fleming asked readers for help to unmask the scoundrel responsible for such ‘scientific vandalism’. Interestingly, Maskelyne himself replied, claiming that his intention had been to unmask Marconi and reveal the vulnerability of his invention.
During the Second World War, huge military operations were dedicated to breaking the codes and ciphers used by the Axis Powers to transmit top-secret information, many of which were carried out at Bletchley Park in the UK. In 1939, in the best-known case of military codebreaking, Alan Turing, Gordon Welchman and Harold Keen developed the Bombe, an electromechanical device capable of deciphering German Enigma-machine-encrypted secret messages. Another codebreaking mission at Bletchley involved breaking the Lorenz cipher, which was used by the Germans to transmit high-level military intelligence. The codebreakers developed Colossus, the world’s first programmable electronic computer, which used thermionic valves to perform boolean and counting operations.
The rise of the phone phreaks
Phone hackers, aka ‘phone phreaks’, first emerged in the US in the late 1950s and would listen to tones emitted by phones to figure out how calls were routed. The unlikely father of phreaking, Joe Engressia, aka Joybubbles, was a blind seven-year-old boy with perfect pitch. In 1957 Engressia heard a high-pitched tone on a phone line and began whistling along to it at a frequency of 2600Hz – exactly that needed to communicate with phone lines. Other phreakers included John Draper, known as ‘Captain Crunch’ for his use of a whistle found in a box of Cap’n Crunch cereal, and Apple founders Steve Wozniak and Steve Jobs, who in 1975 began building ‘blue boxes’, electronic devices that communicated with phone lines.
Remembered as one of the most notorious hackers in internet history, Kevin Mitnick started out with a humble interest in ham radio and computing. From the 1970s until 1995 Mitnick penetrated some of the most highly-guarded networks in the world, including those of Motorola and Nokia. Mitnick used elaborate social engineering schemes, tricking insiders into handing over codes and passwords and using the codes to access internal computer systems. He was driven by a desire to learn how such systems worked, but became the most-wanted cyber-criminal of the time. Mitnick was jailed twice, in 1988 and 1995, and was placed in solitary confinement while in custody, for fear that any access to a phone could lead to nuclear war.
The Morris Worm
As a graduate student at Cornell University in 1988, Robert Morris created what would be known as the first worm on the internet – just to give himself an idea of the size of the web. The worm was released from a computer at MIT in 1988 in hopes of suggesting that the creator was a student there. It started as a potentially harmless exercise but quickly became a vicious denial of service attack as a bug in the worm’s spreading mechanism led to computers being infected and reinfected at a rate much faster than Morris anticipated. By the time he realised the issue and attempted to rectify it by telling programmers how to kill the worm, it was too late. Once discovered as the author of the worm, Morris became the first person to be convicted by jury trial of violating the Computer Fraud and Abuse Act.
Hacking under the pseudonym ‘Dark Dante’, Kevin Poulsen was multi-talented and also indulged in lock picking and forgery. As a teenager he narrowly escaped prison and was later recruited by research institute SRI International, but continued to delve underground. His exploits were revealed in 1988 when an unpaid bill on a storage locker led to the discovery of piles of blank birth certificates, false IDs and a photo of Poulsen breaking into a telephone company’s trailer. Poulsen fled, and a nationwide manhunt began. His most famous hack was in June 1990 when he hijacked the phone lines of a Los Angeles radio station that was promising a Porsche 944 S2 to the 102nd caller. His case later featured on NBC’s ‘Unsolved Mysteries’, when the show’s phone lines mysteriously crashed. The notorious multi-hacker was finally apprehended in April 1991.
Datastream Cowboy and Kuji
These two young hackers made history by causing havoc across global military networks, just because they could. On 28 March 1994, administrators at the Rome Air Development Center, a US Air Force research facility, discovered a password ‘sniffer’ had been installed onto their network, compromising more than 100 user accounts. Investigators determined that two hackers, known as Datastream Cowboy and Kuji, were behind the attack. Police informants were able to provide email correspondence with Datastream Cowboy, which revealed that he was a 16-year-old British boy who liked to infiltrate insecure military networks and even volunteered his phone number. After a month of investigations, in which the pair carried out a further 150 attacks, Scotland Yard closed in on Datastream Cowboy’s house. Once apprehended, Datastream Cowboy, real name Richard Pryce (pictured right), curled up into the foetal position and sobbed. It was another two years before Kuji, 21-year-old Matthew Bevan, was caught.
The Stuxnet worm
While some hackers and viruses are remembered for the unusual or funny, a malicious computer virus, first discovered in 2010, will go down in history for a very different reason. The Stuxnet worm has been called the world’s first digital weapon. Unlike other viruses, the worm seems to have been designed to cause physical damage to equipment controlled by computers. It was the first known case of hackers being able to elicit physical damage on real-world equipment, making it very complex and rather frightening. The worm was designed to target control systems used to monitor industrial facilities and was first discovered in nuclear power plants in Iran after a large number of uranium centrifuges began breaking unexpectedly. The worm, for which no one claimed responsibility, knocked out approximately one-fifth of the enrichment centrifuges used in Iran’s nuclear programme, damage which is estimated to have put the programme back by as much as two years.
The rise of social media has encouraged new groups who hack ‘for the lulz’ [laughs]and take to online platforms to publicise their feats. None have achieved such notoriety as Lulz Security, commomly known as LulzSec, a break-off group from hacking collective Anonymous. LulzSec publicised their hacks though Twitter with the intention of embarrassing website owners and poking fun at insufficient security measures. Having emerged in 2011 with an attack on Fox.com, the hackers went on to target more than 250 public and private entities, including an infamous attack on Sony’s PlayStation Network. The Sony hack compromised the private data of 24.6 million customers and led to the company taking down its online network for 23 days. The FBI had the last laugh: after the arrest of LulzSec co-founder Hector Xavier Monsegur, aka Sabu, in 2012, it emerged that the hacker had been supplying information about his colleagues during the campaign, leading to five arrests in the UK and Ireland.
DNC email leak
Hacks and leaks can be annoying, but they also have the potential to affect public opinion, as we may have witnessed in the run-up to the 2016 US presidential election. In July 2016 a series of Democratic National Committee emails were leaked to and subsequently published by WikiLeaks. The collection of 19,252 emails and 8,034 attachments from the governing body of the US Democratic Party, which included off-the-record correspondence with reporters, suggested that senior party officials may have favoured Hillary Clinton over Bernie Sanders, her main rival for the Democrat nomination. The widespread controversy following the leak led CEO Amy Dacey, CFO Brad Marshall and communications director Luis Miranda to hand in their resignations, and may have played a part in swinging some states in favour of Donald Trump.
Sign up to the E&T News e-mail to get great stories like this delivered to your inbox every day.