The history of hacking offers a colorful background dating back to the late 1800s.
Of course, hacking in the 1800s didn’t look like the modern version (because computer systems didn’t exist yet in 1888), but as you will see, there are enough similarities to the early days of exploits to make the comparison between telephone line switching and modern cybersecurity.
Jumping ahead nearly 100 years, we see more examples of hackers using telephones to create exploits in technical systems. Finally, in the mid-1960s, as computers became more popularized, hacking as we know it today began.
With that in mind, let’s dive into a brief history of hacking.
Who Invented Hacking?
The first hacking incident actually occurred before computers. Reportedly, the first hackers were from the year 1878. Shortly after the invention of the telephone and only two years after the start of Alexander Graham Bell’s famous telephone company, young phone operators pranked callers by switching telephone lines. This showcased one of the first cases of a technical loophole being exploited.
In the mid-1900s, the term hacking began at MIT and actually started with train sets, not computers. Students at the prestigious institution started altering train sets and these individuals became known as hackers. The practice later became associated with changing the technical aspects of a computer to alter it from its intended usage.
Modern Hacking Evolves
In the 1960s, one of the first popularized hacks, again associated with telephones, was known as phreaking. Phreaking is where an individual uses a whistle or other high pitch noise to trick a phone into receiving operational commands and thus changing the behavior of the telephone system.
Around 1965, John Draper, who famously became known as Cap’n Crunch for his phreaking techniques, realized that he could use a toy whistle to exploit telephone calls. He found the whistle in a cereal box, hence his nickname. Through the help of the whistle and the right frequency of noise, he was able to complete free long-distance phone calls.
Between the dominance of AT&T among telephone systems, Unix, and the invention of Arpanet, we start to see a new focus on this emerging technology from government agencies such as the FBI to counteract the emergence of malware and other cybercrime techniques.
The world of hacking as we know it today began in the early 1970s, after the popularization of early computers. With government agencies utilizing these new technologies, the Air Force commissioned the first-ever pentest of their systems in 1971. These teams of highly technical specialists became known as “Tiger Teams” and were one of the earliest types of hackers.
After the rise of Tiger Teams in the 1970s, other examples of hacking in a more traditional sense can be seen such as with the invention of the world’s first computer worm and subsequent antivirus.
As time progressed, more agencies started to test their network security in response to some of the earliest forms of computer hacking. By the 1980s, the world of hacking advanced far enough for Congress to take action with the passage of the Computer Fraud and Abuse Act, which to this day remains a topic of debate.
As computers became more popular and started to go mainstream with major corporations, and eventually personal computers became the norm, so did hacking. During the mid-1990s, one of the first and most famous hacker trials took place with none other than the number one hacker on our list of famous hackers.
Evolution of Hacking from the Fringes to the Mainstream
As the popularity of personal computers came to a peak in the late 1990s during the dot com boom, so too did the rise of hacking. Famous hackers such as Kevin Mitnick made national news during this time period where fraud such as stealing credit cards or illegal wire transfers boomed in popularity.
Since then, modern hacking has continued to evolve into many different use cases that we see today such as what we see with vulnerability scanners, pentesting, or red teaming.
While different forms of ethical hacking such as pentesting differ from the malicious attacks or data breaches we hear about in the news, the main difference can be essentially boiled down to permission.
Did the attacker have permission to execute the attack?
If yes, then it’s likely pentesting, red teaming, or another form of ethical hacking rather than an actual hack.
If not, then the attack almost always should be considered hacking.
To this point, one of the most effective ways to prevent an attack is by proactively testing your network and systems for exploits or misconfigurations. Penetration testing services offer companies the ability to “see their systems through the eyes of a hacker” and thus, better prepare for an attack.