As part of our 5-part series on the evolution of cybersecurity, check out our second article below that covers how the security industry laid the groundwork for a more holistic approach to cybersecurity.
We are continuing our series that explores the development of cybersecurity from the 1980s up until 2023. It is essential for the cyber community to comprehend our history as it enables us to gain insights from incidents and remain responsive to emerging technologies and threats, in the future. In my previous post, I described the evolution of cybersecurity threats and solutions during the 1980s.
In this post, we look at how the next decade saw an expansion of both the nature and variety of cyberattacks as well as security responses, mainly because of the rapid adoption of the Internet and, more importantly, email.
As the decade progressed, the most significant change in the computer environment of the 1990s was the adoption of the Internet by the general public. This expanded the potential attack vector for cybercriminals and helped them organize themselves into criminal networks to launch more complex attacks and harvest financial information from burgeoning e-commerce companies more efficiently.
Viruses become polymorphic
While the 1980s saw the emergence of the first widespread viruses and worms, new threats in the 1990s include polymorphic viruses (which mutate as they spread), more advanced malware, and email-based attacks.
Malware threats expanded over the decade, growing from thousands to millions. Malware spread through a leading computer magazine, PC Today, which introduced the DiskKiller malware (inadvertently, they claimed) in a DVD distributed to subscribers.
Antivirus programs faced challenges, as they had to be continually updated and usually bogged down PCs and their operating systems. Cybercriminals also began writing anti-antivirus software to counter these security programs. By the middle of the decade, hackers had added stealth capabilities to their viruses in addition to polymorphism. They also created new macro viruses, which leveraged macro languages to develop common software applications.
Antivirus companies responded by leveraging heuristic detection to address virus variants and generic signatures to spot viruses hidden inside meaningless code. Secure Sockets Layer (SSL) was introduced by Netscape in 1995 to help better secure Internet transactions and online activity – it would eventually form the basis of HyperText Transfer Protocol Secure (HTTPS).
Second-gen firewalls emerge, computer fraud becomes illegal
There were also advances in firewall technology, which had emerged as a network layer solution in the 1980s. Second-gen firewalls could evaluate transport-layer information, and new application-layer firewalls followed in 1993, providing even more protection.
There was also some legislative progress on the security front. The Computer Fraud and Abuse Act (CFAA), introduced in the 1980s, was amended in 1994 to cover transmitting harmful code and viruses. It made it illegal to extort money using a computer. The European Institute for Computer Antivirus Research was established early in the decade to provide centralized research on emerging security threats.
However, the technologies that most substantially impacted cybersecurity in the 1990s were the proliferation of email for businesses and individuals and e-commerce.
Criminals saw the potential of email for proliferating malware, and in 1999, the Melissa virus arrived, which could email copies of itself via Microsoft Outlook. Hundreds of companies (including Microsoft) found their email servers overloaded. Cleaning up this mess cost an estimated $80 million. The ILOVEYOU virus followed in 2000.
Many of these attacks were aimed primarily at wreaking havoc on individual computers – the malware would destroy or hide files while bogging down servers by proliferating through additional emails with infected attachments.
E-commerce opens new cybersecurity vulnerabilities
The first online marketplaces launched in the 1980s, but the 1990s saw stratospheric growth. The public Internet emerged in the early part of the decade. Amazon and eBay both arrived in 1995, followed by PayPal in 1998. As consumers began handing credit card information to these e-tailers, criminals found a ripe target for theft and fraud. Individual consumers and large organizations that hackers had traditionally targeted were now at risk.
New models of security also began to emerge. The idea of an intrusion detection system (IDS) or intrusion protection system (IPS) was first proposed by researchers in the 1980s. It would include an expert system to detect known threats and a statistical anomaly detection system to identify peculiar behavior based on system profiles.
Various organizations, including Los Alamos National Laboratory, AT&T Bell Labs, and Lawrence Berkeley National Laboratory, put early prototypes and systems in place. By the early 2000s, the IDS/IPS approach was considered an industry best practice.
As the new century dawned, the security industry laid the groundwork for a more holistic approach to cybersecurity, including more advanced antivirus approaches, firewalls, advanced detection/prevention solutions, and SSL encryption for email. We’ll explore this further in our next post.
That’s all for part two of our series on the evolution of cybersecurity. Check out part one in case you missed it and look out for part three coming soon!
Photo: metamorworks / Shutterstock
