The cybersecurity industry is less than a century old, but the first cyberattack actually occurred in 1834, when thieves (with the assistance of a corrupt telegraph operator) hacked the French Telegraph System to steal financial market information.
The first major misuse of technological systems occurred in the telecommunications industry in the 1970s. Hackers (who were also known as crackers) “cracked” telephone systems and used them to make free phone calls. (In the 1950s, amateur troublemakers had successfully used whistles to make free phone calls and create other acts of mischief.)
The introduction of personal computers in the 1970s and 1980s—combined with advances in technology and their ability to be networked and connected to telephone lines, modems, and the early version of the Internet (then called the ARPANET)—created many more opportunities for both cyber professionals and cyber criminals. Here are some noteworthy computer and cybersecurity milestones in the ensuing decades:
1986: The Computer Fraud and Abuse Act is voted into law. It prohibits intentionally accessing a computer without authorization or in excess of authorization.
1988: The first malicious software program (later called a worm) is released onto the Internet, which causes an estimated 10 percent of all computers connected to the Internet at the time to fail.
1988: The release of another worm prompts security experts at the National Computer Security Center (which is part of the National Security Agency) to create the Computer Emergency Response Team (CERT) Coordination Center. This federally funded organization—which is now known as the CERT Division—monitors and reports malicious activity on the Internet. Many consider the founding of the CERT Division as the beginning of the information security industry.
1989: Physicist Tim Berners-Lee invents the concept of the World Wide Web, an ever-growing collection of resources on the Internet.
1991: The National Science Foundation changes its policy to allow, for the first time, the Internet to be used as a publicly accessible network with no commercial restrictions.
1993: Congress passes the National Information Infrastructure Act. It creates federal criminal liability for the theft of trade secrets and for “anyone who intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage.”
1993: Mosaic, the first Web browser supported by a major institution, launches; many believe this marks the beginning of the modern Internet.
2000: The FBI’s Internet Crime Complaint Center is established to receive complaints of Internet-related crime.
2001: Monetary damages from cybercrime in the U.S. reach $17.8 million.
2000s: Technology-related crime becomes more prevalent, prompting the emergence of specialized cybersecurity firms, the creation of departments of information security at non-tech companies, an increasing emphasis on information security by government agencies, and strong demand for cybersecurity professionals.
2004: The activist group Anonymous forms and begins engaging in digital publicity stunts and protests that include hacking the Web sites of groups such as the Church of Scientology; it later targets many government agencies around the world.
2006: WikiLeaks is founded by a group of journalists (including Julian Assange). It serves as a clearinghouse for news leaks, secret information, and anonymous material. Much of the information it releases is damaging to individuals and governments around the world.
2008: One of the largest data breaches ever occurs when Heartland Payment Systems, a credit card processing company, is attacked via malware and other methods; the data of 134 million users is compromised
2009: Bitcoin software is released to the public and cryptocurrency mining begins.
2010: The Stuxnet virus is deployed to damage uranium enrichment centrifuges used in Iran’s nuclear development program.
2010s: The emergence of Big Data and the growing use of deep learning, natural language processing, and other types of artificial intelligence algorithms allow cybersecurity professionals to create powerful tools for threat detection, but also allow cybercriminals to use these resources to commit more destructive cyberattacks.
2013: Whistleblower Edward Snowden reveals sensitive information that was stolen from several foreign governments with spyware software as part of the National Security Agency’s PRISM surveillance program.
2015: Ransomware attacks increase in frequency and severity.
2018: Monetary damages from cybercrime in the U.S. reach $2.7 billion.
2020: Russian cyberattackers take advantage of a compromised SolarWinds software program to invade the systems of more than 18,000 private and public organizations (including local, state, and federal agencies); the attackers access passwords, user names, financial data, source code, and other information.
2021: A suspected Russian hacking group uses ransomware to take East Coast–based Colonial Pipeline (a supplier of gasoline, diesel fuel, and jet fuel) offline for more than three days. The attack causes gasoline shortages, increases in gas prices, and delays over-the-road deliveries.
2022: The FBI’s Internet Crime Complaint Center logs more than 800,944 complaints of Internet crime; the potential total loss from these crimes grows from $6.9 billion in 2021 to more than $10.2 billion in 2022.
2023: The U.S. Securities and Exchange Commission adopts new rules that require publicly traded companies to disclose a cybersecurity incident within four days after determining it is serious enough to be important to investors. They also are required to periodically detail their efforts to identify and manage cyberthreats.
2023: The Biden Administration unveils the National Cyber Workforce and Education Strategy, which seeks to address both immediate and long-term cyber workforce needs.
2023: The National Institute of Standards and Technology (NIST) issues the Artificial Intelligence Risk Management Framework (AI RMF 1.0), which it describes as a “guidance document for voluntary use by organizations designing, developing, deploying, or using AI systems to help manage the many risks of AI technologies.”
2023: President Biden issues an executive order regarding “safe, secure, and trustworthy artificial intelligence,” which is largely based on AI RMF 1.0, and empowers the U.S. Department of Commerce to implement its guidelines.
- Big Data Developers
- Blockchain Developers
- Business Continuity Planners
- Chief Information Security Officers
- Computer Programmers
- Computer Systems Programmer/Analysts
- Cryptographic Technicians
- Cybersecurity Architects
- Data Scientists
- Database Specialists
- Deepfake Professionals
- Directors of Security
- Information Security Analysts
- Information Technology Security Consultants
- Internet of Things Developers
- Internet Quality Assurance Specialists
- Internet Security Specialists
- Internet Transaction Specialists
- JavaScript Developers
- Network Operations Center Engineers
- Network Operations Center Technicians
- Online Gambling Specialists
- Security Consultants
- Software Application Developers
- Software Designers
- Software Engineers
- Solutions Architects
- Technical Support Specialists
- Technology Ethicists