History of Cybersecurity & Evolution PDF

Summary

This document provides a history of cybersecurity and its evolution, covering key periods and trends. It discusses important topics such as the growing threat landscape, the rising cybersecurity skills gap, and the impact of digital transformation. This document is from the Indian Institute of Information Technology Dharwad.

Full Transcript

Module 1

History of Cybersecurity and Evolution

Indian Institute of Information Technology Dharwad
Ittigatti Road, Near Sattur Colony, Dharwad 580009
 Course Structure Preparation

Each sub-topic to have the following -

1. Not more than 5 slides of content in bullet form per Course Learning Objective

2. Out of 5 slides – 2 slide should have industrial references or real life case scenarios
(See examples)

3. Quiz at the end of the each sub-topic on the areas covered in the sub-topic (not more
than 10 questions)

4. A detailed document on the entire sub-topic that can be referred by students or
faculties at later stage

2 of 26 2
 Course Learning Objectives
Understand the difference between Information Security, Physical Security, Digital
Security & Cybersecurity
Student will learn the history and evolution of Cybersecurity starting from Physical
information threats  Digital Information Threats and beyond
Students will understand the impact of Cybersecurity in atleast 4 different industries
Students will learn on how various strategies are adopted based on industry or threat
landscapes
Students should be able to interpret and explain the difference between
Confidentiality, Integrity & availability
3
3 of 26
 What is CyberSecurity?
Practice of protecting internet-connected systems from digital attacks.
Used by individuals and enterprises to protect against unauthorized access to data centers and
other computerized systems.
Develop secure software, identify and respond to cyber threats, and critically analyse digital
evidence to solve and prevent crimes.

4 of 26 4
 Why do we need Cybersecurity?
Cybersecurity is no longer an option, it's a necessity

Escalating Financial Impact: In 2021, cybercrime cost the world $6 trillion. By 2025, these
costs are projected to increase to $10.5 trillion.
Growing Threat Landscape: As digital technologies evolve, the number of cyberattacks is
expected to increase, putting more entities at risk.
Widespread Vulnerability: Individuals, governments, for-profit companies, not-for-profit
organizations, and educational institutions are all potential targets for cyberattacks and data
breaches.
Complexity of Global Supply Chains: The increasing complexity of global supply chains adds
to the vulnerability of systems, making robust cybersecurity measures essential.
Critical Role of Data: In the digital economy, data is becoming more critical, and its security is
paramount to minimize the risk of attacks and secure systems.

5 of 26 5
History - 1960 to 1980
Increased Connectivity and Time-Sharing:
Multiple users on a single computer raised unauthorized access concerns.
Protecting user files and systems became crucial due to expensive computing time.
Birth of Passwords:
Password accounts were introduced to control access, establishing a legacy of password
protection.
ARPANET and Early Malware:
ARPANET facilitated innovation, including the development of email and early malware
like Creeper and Reaper.
Early Security Discussions:
Best practices for secure systems were not yet established.
Initial discussions about cybersecurity began, including a notable 1975 paper.
Emergence of Malware:
The shift to the Internet Protocol Suite increased the attack surface.
The 1980s saw sophisticated malware and the Morris Worm incident, highlighting
large-scale cyberattack dangers.
6 of 26 6
History - 1980 - 1990
Age of Viruses:
Widespread internet access in homes led to a surge of personal computer viruses.
Unskilled attackers ("script kiddies") used readily available malware.
Rise of Anti-Malware:
The prevalence of viruses fueled the growth of the anti-malware industry.
Cybersecurity awareness increased, with companies prioritizing security improvements.
Real-World Impact:
Rampant malware attacks on home computers highlighted the importance of cybersecurity
to the public.
Reactive Security Measures:
IT security primarily relied on antivirus and firewalls as defensive perimeters.
Companies had limited proactive security measures and knowledge.
Compliance and Underinvestment:
Information security regulations were complex, making compliance difficult.
Security requests received minimal funding in the 1990s.
7 of 26 7
History - 2000 and 2010
Digital Transformation:
Increased digitization, especially in financial transactions, created valuable targets for attackers.
Cybercriminals shifted focus to financial gain through credit card breaches, hacktivism, and
ransomware.
Rise of Data Breaches:
Massive data breaches compromised millions of credit cards and sensitive information.
Businesses faced significant consequences, including downtime, reputation damage, and
financial penalties.
Advanced Persistent Threats (APTs):
Nation-state attacks became more frequent, targeting strategic corporate and government assets.
Well-funded APT groups launched sophisticated cyber campaigns.
Escalating Threats:
Large-scale cyber incidents like WannaCry and NotPetya caused widespread disruption.
Ransomware attacks became prevalent, leading to business shutdowns and financial losses.
Focus on Security Programs:
The severity of cyber threats forced companies to prioritize and enhance their cybersecurity 8 of 26 8
programs.
Evolution Of Information Security after 2000s
Technological Advancements and Heightened Awareness:
Digital signatures emerged to protect personal information.
Increased focus on security due to rising cyber threats and data breaches.
Increased Investment and Security Integration:
More funding for information security as its importance grew.
Security best practices integrated into the Software Development Life Cycle.
Reputation Management:
Executives invested in advanced security to protect brand reputation from data breaches.
Rise of Cloud Computing:
Need for new security strategies to protect data in cloud environments.
Security expanded to include mobile devices and personal machines.
Future Focus:
Ongoing prioritization of information security as threats increase.
Security is now a key part of corporate strategy for organizational well-being.
9 of 26 9
 Evolution Of Internet Of Things
1832-1982: 2019-2023:
19th Century: Concept of interconnected 1994-2008: 2019-2023: Rise of sophisticated attacks from
devices originated. 1994: Amsterdam's "digital city" explored data nation-states and ransomware.
1970s: Advancements in technology laid the collection for a smart future. Cybersecurity industry booms with new
1999: The term "Internet of Things" was coined. defensive tools.
groundwork for IoT. Early example: smart
2000s: Rise of cloud computing boosted IoT growth. Emerging technologies like blockchain &
vending machines.
2008: Connected devices surpassed the human quantum computing offer both benefits and
1982: IoT aims to simplify lives through a
population. risks.
network of communicating devices.

1982-1993: 2010-2017:
1980-1990: Early connected devices (vending 2010s: IoT booms, but security flaws emerge (Mirai
machines, webcams) emerged. botnet, Jeep hack).
1994: Pioneering projects like Amsterdam's "digital Attacks highlight need for stronger defenses - even
city" laid groundwork for data collection in IoT. everyday devices (fish tank thermometers)
vulnerable.
Importance of robust IoT security alongside its
benefits is clear.
10 of 26 10
Evolution Of Data Security
From Silos to Synergy:
Traditional data security focused on isolated systems.
Cloud reliance necessitates unified security across platforms and devices.
Data and network security are converging for comprehensive protection.
Context Matters:
Cloud sprawl creates "blind spots" in traditional security.
Contextual awareness is key to identifying sensitive data (e.g., salaries, intellectual
property).
Consistent policies and automation ensure data security everywhere.
The Power of AI and Automation:
AI and Data Security Platform Management (DSPM) offer advanced solutions.
Improved data visibility, access control, and faster threat response.
Integrated AI, DSPM, and Data Loss Prevention (DLP) technologies combat unseen threats.
Benefits:
Prevents data breaches and loss.
Protects sensitive information in the cloud. 11 of 26 11
Provides robust data protection in today's complex digital environment.
Data Breaches
Data breaches have a long history, even pre-dating computers. While regulations try to safeguard information, the

explosion of digital data in recent decades has made breaches a major concern, potentially impacting millions with a

single attack.

Types of DOS

❖ Ransomware - Malicious software that locks down valuable data

and demands a ransom to unlock it, often targeting businesses.

❖ Malware - Software designed to harm computer systems, often

disguised as legitimate software to trick users into downloading it.

❖ Phishing - Deceptive emails or messages imitating a trusted source

to steal sensitive data like passwords or credit card info.

❖ DoS/DDoS - Denial-of-service attacks overwhelm a website or

service with traffic, making it inaccessible to legitimate users.

DDoS attacks are large-scale DoS attacks launched from multiple
12 of 26 12
devices.
 Cybersecurity trends
Focus on Artificial The Growing
The Rise of Evolving Cloud
Intelligence and Cybersecurity Skills
Ransomware Security Challenges
Machine Learning Gap

Threat Shared High Demand
Increased
Detection and Responsibility for
Sophistication
Response Model Professionals

Predictive Focus on Verifying All Focus on
Analytics and Ransomware Users and Training and
Automation Mitigation Devices Upskilling

13 of 26 13
Quiz

What is Cyber Security and why is it important?
Write a note on evolution of Information security.
What do you understand by data breaches?
Explain the history of cyber security in detail.

14 of 26 14