Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Cybersecurity: The Beginner's Guide

You're reading from   Cybersecurity: The Beginner's Guide A comprehensive guide to getting started in cybersecurity

Arrow left icon
Product type Paperback
Published in May 2019
Publisher
ISBN-13 9781789616194
Length 396 pages
Edition 1st Edition
Languages
Arrow right icon
Authors (2):
Arrow left icon
Dr. Erdal Ozkaya Dr. Erdal Ozkaya
Author Profile Icon Dr. Erdal Ozkaya
Dr. Erdal Ozkaya
Deepayan Chanda Deepayan Chanda
Author Profile Icon Deepayan Chanda
Deepayan Chanda
Arrow right icon
View More author details
Toc

Table of Contents (14) Chapters Close

Preface 1. Importance of Cybersecurity 2. Security Evolution — From Legacy to Advanced, to ML and AI FREE CHAPTER 3. Learning Cybersecurity Technologies 4. Skills We Need for a Cybersecurity Career 5. Attacker Mindset 6. Understanding Reactive, Proactive, and Operational Security 7. Networking, Mentoring, and Shadowing 8. Cybersecurity Labs 9. Knowledge Check and Certifications 10. Security Intelligence Resources 11. Expert Opinions on Getting Started with Cybersecurity 12. How to Get Hired in Cybersecurity, Regardless of Your Background 13. Other Books You May Enjoy

The history of data breaches

The general notion encircling hacking is that it started a few decades ago. However, in reality, hacking was in practice even before that. it goes as far back as 1834, yes almost two centuries back. Historically, it came to light in the year 1836 when two persons involved in the act were caught. During the last decade of 1700, France implemented its national data network to transfer data between Paris and Bordeaux, which was one of its kind at the time. It was built on top of a mechanical telegraph system, which was a network of physical towers. Each tower was equipped with a unique system of movable arms on the tower top.

The tower operators would use different combinations of these arms to form numbers and characters that could be read from a similar distant tower using a telescope. This combination of numbers and characters was relayed from tower to tower until it reached the far end. As a result, the government achieved a much more efficient mechanism of data transfer, which resulted in greater time saving. Interestingly, all this happened in the open. Even though the combinations were encrypted, and would've required an experienced telegraph operator to decode the message at the far end to bring up the original message, the risks were just around the corner. The following image is one such tower:

Figure 1: Replica of Claude Chappe's optical telegraph on the Litermont near Nalbach, Germany (Photo by Lokilech CC BY-SA 3.0)

This operation was observed by two bankers, Francois and Joseph Blanc. They used to trade government bonds at the exchange in Bordeaux, and it was they who figured out a hack to poison the data transfer in between, and include an indicator of current market status, by bribing a couple of telegraph operators. Usually it took several days before the information related to Bond performance reached Bordeaux by normal mail, now, due to this hack, they had an advantage to get that same information well before the exchange in Bordeaux received it. In a normal transmission, the operator included a Backspace symbol to indicate to the other operator that he needed to avoid the previous character and consider it as mistake. The bankers paid one of the operators to include a deliberate mistake with a predefined character, to indicate the previous day's exchange performance, so that they could assume the market movement and plan to buy or sell bonds. This additional character did not affect the original message sent by the government, because it was meant to be ignored by the far end telegraph operator. But this extra character would be observed by another former telegraph operator who was paid by the bankers to decode it by observing through a telescope. Also, the Blanc brothers did not care about the entire message either; all they needed was the information related to market movement, which was well achieved through this extra piece of inert information. The Blanc brothers had an advantage over the market movement and continued to do this for another two years, until their hack was discovered and they were caught in 1836. You can read more about such attacks at https://www.thevintagenews.com/2018/08/26/cyberattacks-in-the-1830s/.

The modern equivalent of this attack would perhaps be data poisoning, man-in-the middle attack, misuse of the network, attacking, or social engineering. However, the striking similarity is that these attacks often go unnoticed for days or years before they get caught. This was true then, and it's true today. Unfortunately, the Blanc brothers could not be convicted as there were no laws under which they could be prosecuted at that time.

Maybe the Blanc brothers' hack was not so innovative compared to today's cyber attacks, but it did indicate that data was always at risk. And, with the digitization of data in all shapes and forms, operations, and transport mechanisms (networks), the attack surface is huge now. It is now the responsibility of the organization and the individuals to keep the data, network, and computer infrastructure safe.

Let's fast forward another 150 years, to the late 1980s. This is when the world witnessed the first ever computer virus—Morris worm. Even though the creator of the worm, Robert Tappan Morris, denied the allegation that it was intended to cause harm to computers, it did, indeed, affect millions of them. With an intention to measure the vastness of the cyber world, Tappan wrote an experimental program that was self-replicating and hopped from one computer to another on its own.

This was injected to the internet by Morris, but, to his surprise, this so-called worm spread at a much faster rate than he would have imagined. Soon, within the next 24 hours, at least 10% of the internet connected machines were affected. This was then targeted to ARPANET, and some reports suggested that the of connected computers at the time was around 60,000. The worm was using a flaw in the Unix email program, sendmail, which typically waits for other systems to connect to the mail program and deliver the email, and a bug in the fingerd daemon. This worm infected many sites, which included universities, military, and other research facilities. It took a team of programmers from various US universities to work non-stop for hours to get to a fix. It took a few more days to get back to a normal state. A few years later, in 1990, Morris was convicted by the court, for violating the Computer Fraud and Abuse Act; unlike at the time of Blanc brothers when there was no law to prosecute, this time there was.

Fast forward another two decades to 2010, and the world saw what it never imagined could happen: an extremely coordinated effort to create a specifically crafted piece of software, Yes Software, which was purpose-built to target the Iranian nuclear facility. It was targeting Industrial Control Systems, otherwise known as ICS. This was designed only to target a specific brand and make of ICS by Siemens, which controls centrifuges in a nuclear facility to manage their speed. It is presumed that it was designed to deliver onsite, as per some reports, because the Iranian facility that it was targeting was air-gapped. This was one of its kind industrial cyber espionage.The malware was purpose-built so that it would never leave the facility of the nuclear plant. However, somehow, it still made its way out to the internet, and there is still speculation as to how. It took researchers many months after its discovery to figure out the working principle of the malware. It's speculated that it took at least a few years to develop to a fully functional working model. After the Stuxnet, we have witnessed many similar attack patterns in forms of Duqu, and Flame, and it's believed by some experts in this field, that malware similar to these are apparently still active.

Currently, we are seeing extremely new variants of attack with new modus operandi. This is to earn money by using ransomware, or to steal data and then try to sell it or destroy it. Alternatively, they use victim infrastructure to run crypto miner malwares to mine cryptocurrencies. Today, security has taken center stage, not only because the attack surface has increased for each entity, or the number of successful high profile and mass attacks are a norm, but because of the fact that each one of us now knows that the need for securing data is paramount, irrespective of whether you are a target or not.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime