It seems like as long as the internet has existed, there have been criminals ready to exploit it for personal gain. The internet is the number one threat to our privacy in the world (due to its use as a means by which information is exchanged between computerised devices). However, in truth, issues about computer privacy – or what we might now call 'cyber security' – pre-date the internet. The first recorded references to what we would understand as 'malicious' hacking (rather than just exploring the possibilities) happened in the 1960s, when various phreaking boxes were used to infiltrate automated telephone systems and make free calls by students at US technology university, MIT.
Much is also made of the 1988 virus, 'The Morris Worm', one of the world's first significant, self-replicating computer viruses - and also the first virus to result in a criminal conviction for its creator (who maintained the worm was not intended to cause harm, but to gauge the size of the internet by exploiting known software vulnerabilities). Perhaps it's no coincidence, then, that the subsequent decades, the 1990s and the 2000s, saw the emergence and development of the antivirus industry, with 2008 seeing Cloud-based antivirus design realised. Present-day and next generation antivirus software approaches cyber security in a number of new ways, including behavioural detection and artificial intelligence based on machine learning.
The Rise of Cyber Security
With the commercialisation of the internet in the 90's came an increase in cyber security concerns, as everyday users passed documents and emails containing powerful macros between one another's machines. This is the birth of modern-day cyber security as we know it; with the world's first web browser (called WorldWideWeb), and portals like AOL, allowing unskilled, individual users to browse the internet in the comfort of their own homes. Microsoft's Internet Explorer product was released in 1995, along with Windows 1995 which was, tellingly, accompanied by extensive marketing aimed directly at personal internet users.
As the internet settled into the homes of everyday users, the antivirus software industry flourished. The first version of Norton AntiVirus, for example, was released in the US in 1991, the same year AVG Technologies was founded. It's worth noting that, during this decade, most virus writers could be considered internet irritants or pranksters, rather than malicious criminals. The majority of viruses were meant to wreak havoc for the sake of it, or to show off skills to other programmers rather than steal assets or data. In response, marketing campaigns for antivirus products were aimed at calling-out Microsoft for the holes in its Windows software that hackers loved to exploit for their own amusement and other scaremongering tactics around information the common user just wouldn't feel familiar contesting.
Present-Day Cyber Security
Today, threats to cyber security are more complex than ever before, and the days of 'jokeware' and cyber-vandals are long behind us – replaced with sophisticated cyber-criminals. Attempts to gain unauthorised access to our documents and data nowadays (e.g. Malware, Phishing, Social Engineering, Man in the Middle Attacks, Evil Twins) are, more often than not, driven by money. There is now more money to be made from data hacking than, for example, the illegal drug trade. The Dark Web hosts an entire criminal underground that is both organised and considerable in size. Here, stolen goods like credit card data, or items bought with skimmed cards, can be bought and sold for huge profit.
As a result, modern-day cyber security has evolved to match the threats it now encounters. Personal firewalls constantly monitor and block unwanted traffic and connection attempts in real time, whilst anti-virus software works to blend existing scan-based antivirus technology with behavioural analysis and profiling. These behaviour-based applications predict the behaviour of code to locate, mitigate, and block unusual activity. Behavioural analysis works against clever tactics such as Advanced Persistent Threats (APT), which have long sat undetected on network servers, to highlight any unexpected usages and alert users loudly and clearly.
The Future of Cyber Security
The digital age has brought with it a much more cyber-savvy customer base than the 90s and early 00s saw. Naturally, because consumers now have more to lose – 90% of households in the UK had internet access in 2017 (compared to 57% in 2006), with 93% of adults using online retailers to make purchases, and 63% banking online (these figures rise significantly when just observing under 35s).
Organisations looking to maintain cyber security also no longer rely solely on technology solutions to keep their networks and databases safe from unauthorised access. Whilst antivirus software continues to make leaps and bounds, cyber security awareness training has also risen in prominence recently; and features heavily as a vital element in combating hackers' various distraction techniques (think evermore legitimate-looking phishing attempts, DDoS attacks, and rootkits).
A culture of compliance embeds cyber security into the everyday working patterns of employees and individuals, keeping vigilance as a priority and involving people, much more personally, in risk mitigation. With the combined efforts of individuals and technology focussing on the importance of sharing information and learning from it, the future of cyber security leans toward intelligent design and artificial intelligence (AI). That is, computers than can learn-from and adapt-to to the ever-changing cyber security landscape, possibly better than we ever have.