Cybersecurity is one of the most fertile and fast-moving areas of technology. Cyber and data protection legislation is slowly catching up, with the implementation of GDPR in 2018 and the California Consumer Privacy Act in 2020. The first half of 2020 also saw a widespread worldwide shift to remote working by companies as their offices were forced to close because of the Covid-19 pandemic. The move left workers at risk of increased cyberattacks.
Listed below are the major milestones in the journey of cybersecurity, as identified by GlobalData.
1971 – The first ever computer worm was created, displaying the words, “I am the Creeper: catch me if you can.”
1982 – A high school student developed the first virus, ‘Elk Cloner’, which infected the Apple II operating system.
1986 – The first US Fraud and Abuse Act was passed, defining Federal computer crimes and penalties.
1988 – Robert Morris created a self-propagating virus, which attacked the early internet, causing upto $10m of damage.
1990 – The UK passed the Computer Misuse Act, which criminalised unauthorised attempts to access IT systems.
1999 – The Melissa virus infected users through Microsoft Outlook, causing an estimated $1.2bn in damages.
2000 – The ILOVEYOU virus affected more than 500,000 systems and led to $15bn worth of damage.
2001 – The Council of Europe drafted a Cybercrime Treaty to define cyber crimes committed by using the internet.
2002 – A DDoS attack struck 13 DNS root servers, knocking out five. It was the first attempt to disable the internet.
2008 – The US Department of Homeland Security released a taxonomy of attack patterns.
2008 – US Presidential and Homeland Security directives primed a national initiative to counter network attacks.
2012 – US cyber chief, General Keith Alexander, railed against a loss of intellectual property to Chinese hackers.
2013 – US retailer Target suffered a massive data breach, exposing the personal data of 40m credit card customers.
2014 – Private sector data breaches targeted Sony Pictures, JP Morgan and Apple’s iCloud servers in China.
2015 – More breaches emerged at the US Office of Personnel Management, TalkTalk and dating site Ashley Madison.
2016 – Yahoo announced that a hacker had stolen information from at least 500 million user accounts in late 2014.
2016 – Yahoo announced a 2013 breach, in which hackers stole personal details from one billion user accounts.
2016 – The EU adopted the NIS (Network and Information Security) Directive, its first EU-wide cybersecurity legislation.
2017 – A bad year for attacks, with ransomware exploits almost doubling from 82,000 from 2016 to 160,000 in 2017.
2017 – A breach against credit reporting agency Equifax affected 145m US consumers, 45% of the US population.
2017 – The WannaCry ransomware attack infected an estimated 300,000 computer systems in four days.
2017 – Uber paid a $100,000 ransom after hackers in 2016 accessed the personal information of 57m Uber drivers.
2018 – Research revealed security flaws in every computer chip made in the last 20 years.
2018 – In May 2018, the European General Data Protection Act (GDPR) came into force across EU countries.
2019 – The UK Information Commissioner fined British Airways $230m and Marriott Hotels $123m for GDPR breaches.
2019 – Hackers demanded $76,000 in Bitcoin after a ransomware attack froze systems in Baltimore.
2020 – The US state of California introduced a Consumer Privacy Act to enhance citizens’ data privacy rights.
2020 – The threat of the COVID-19 virus forced companies into a hurried shift worldwide to remote working.
2030 – The worldwide cybersecurity market is expected to be worth nearly $238bn, according to GlobalData.
This is an edited extract from the Cybersecurity – Thematic Research report produced by GlobalData Thematic Research.