Cyber threats: From hacking to AI

The history of cyberthreats is a testament to the continuously evolving technology and its darker sides. We see even more cyberthreats in the threat landscape than ever before, which include malware, hacking and data breaches. This affects individuals and organizations, and can in the worst case affect an entire nation.

We’ll take you on a little journey through time, starting with the dawn of cyberthreats - from the humble beginnings to the advanced attacks we know today.

The dawn of cyberthreats

We have faced cyber threats from the day technology and computing existed - even in its infancy, technology has posed a threat to us. The concept of hacking first emerged in the 1960s and 1970s, and has stuck with us since. Early hacking mostly consisted of curious people who wanted to see computer systems’ potential and understand what happens behind the scenes.

One of the very first hacking incidents was back in 1969 where John Draper, also known as Captain Crunch, led a movement called the Phone Phreaking movement. He discovered that a toy whistle, which often was included in cereal boxes, could manipulate and disturb phone systems.

Later in 1980s, the world saw its first instances of actual computer viruses, such as the "Brain" virus. Initially, these hacking attempts and attacks were pretty harmless and usually they took shape as pranks. They did, however, lay the foundation for later threats and severe attacks as we have experienced in modern time.

The internet is born

The emergence of the internet brought along a new era of cyberthreats. The internet made communication and working a lot easier and presented a new range of possibilities for businesses and individuals. This did, though, expand the attack surface significantly.

Hackers discovered how to make malicious software, also known as malware, and thus learned how to compromise and infect our software. The 1990s saw a rise of malware and viruses like Melissa and CIH (Chernobyl) which would damage and destroy infected systems.

It was, however, the 2000s that saw the greatest development of cyberthreats with worms like ILOVEYOU - this defined the new era of hacking. The worm spread rapidly through email, consequently leading to great financial losses and damage to systems around the world.

The 2000s: The Era of Cybercrime

The internet evolved and grew, but so did the sophistication and advancement of cybercrime. In the 2000s, organized cybercrime surfaced and even operated on an international scale. Many hacking groups were, and still are, motivated by financial gain which motivated hackers to find ways to target and specialize their attacks.

One of the most notorious cybercrime syndicates is RBN (Russian Business Network). They specialize in many different cybercrimes which include identity theft, spamming and hosting malicious websites (e.g. by typosquatting).

Another threat that emerged as the internet became widespread is the use of botnets which allow hackers to infiltrate and control several systems and software around the world. Some of the most notable botnets are Storm Worm and Conflicker which could infect millions of systems and devices. Once a device is infected, it becomes useless for the owner - the device furthermore becomes yet another participant in cyberattacks that can be utilized by the hacker.

The Stuxnet Worm and state-sponsored cyberattacks

The 2010s represents a time where the world was introduced to a new dimension of cyberthreats, including Stuxnet worms and state-sponsored cyberattacks.

Stuxnet differs from previous malware since it was sophisticatedly designed to target industrial control systems - specifically targeting systems used in Iran’s nuclear program. The invention of Stuxnet marked a new era of cyberthreats as it proved that entire nations and governments could use malware and cyberattacks as a tool for geopolitical warfare.

Following the Stuxnet worm, several incidents have surfaced where the cyberattacks have (allegedly) been sponsored by a nation/state. Some examples include a cyberattack on Sony Pictures in 2014; this attack was allegedly sponsored by North Korea. Another example is the breach of the U.S. Office of Personnel Management (OPM) in 2015, which is linked to the government of China. Lastly there was quite a lot of talk of a Russian state-sponsored cyberattack/interference in relation to the 2016 U.S. presidential election.

These incidents show just how much and how quickly the landscape of cyberthreats is developing. Not only are private people hiring and executing cyber attacks, but nations are doing it as well. Nation states are now using cyberattacks for political, military and economic objectives. We’ve also made a blog post that looks at cyberattacks in modern warfare if that catches your interest.

The Age of Ransomware

Another groundbreaking cyberthreat that saw the light of day in the 2010s is ransomware. The essence of ransomware attacks is that the hacker encrypts a victim’s files and data, and in order for the victim to get the decryption key, they must pay a ransom. The first notable ransomware is CryptoLocker, which emerged in 2013. Instead of normal currency, it demanded payment in Bitcoin instead.

Since its emergence, ransomware attacks have increased both in advancement but also how impactful they are. In 2017, hundreds of thousands of computers were infected across the globe by the WannaCry attack. This invalidated the devices and encrypted crucial data. In the same year, NotPetya, was launched - which is often attributed to Russian hackers. This caused billions of dollars in damages and caused a lot of harm to international organizations.

The emergence of ransomware attacks have led to hacker groups solely using ransomware as their strategy. It is groups like REvil and DarkSide that have become increasingly organized and financially motivated. They target individuals but also organizations, government institutions etc. to hit large businesses that both have great economies but also crucial information. This has forced organizations to improve and strengthen their cybersecurity defenses drastically to prevent being the next target.

The cyberthreat landscape today

We’re soon in the midst of the 2020s and the cyberthreat landscape continues to evolve - and even at a very rapid pace. Now we have inventions like IoT (Internet of Things) which has introduced new vulnerabilities and attack surfaces. Hackers can target every smart-device we have, from our watches to phones and TVs. Remote working and cloud computing and storage also poses a vulnerability since hackers can access a lot of data once they have gained access to an employee’s cloud storage.

AI, machine learning and deep learning are furthermore something we should consider when we talk about the cyberthreat landscape - AI can help us make and develop new ways to protect ourselves from attacks, but it can also help hackers develop new ways to hack and attack us.

We’ve already mentioned cyberthreats in connection with modern warfare, but it is also something we should consider in our cybersecurity. Back in 2020, the Russian ATP group attacked SolarWinds with a supply chain attack, which, as the phenomena consists of, affected the entire supply chain in the organization.

Into the future

The history of cyberthreats is far from being written and finished. Technology develops which means that the cyberthreats do as well. Hackers become better by the day, so we should follow and even try to be one step ahead of them.

• Looking at the future of cybersecurity, we should be vigilant and implement measures to create a strong technical defense. Furthermore, we should implement user training and education and optimally have an international cooperation to combat the threats.

It’s an ongoing battle against cyberattacks so adaptation and vigilance are key words when we navigate in the landscape of the cyber world. We want to protect our data, systems and software - which in this day and age means that we want to protect our private life and functionality of the everyday hustle and bustle.