A history of cybersecurity

The first computer worm was created, displaying the words, “I am the Creeper: catch me if you can.”

A high school student developed the first virus, Elk Cloner, which infected the Apple II operating system.

The first US Fraud and Abuse Act was passed, defining federal computer crimes and penalties.

Robert Morris created a self-propagating virus that attacked the early internet.

The UK passed the Computer Misuse Act, which criminalised unauthorised attempts to access IT systems.

The Melissa virus infected users through Microsoft Outlook, causing an estimated $1.2bn in damage.

The ILOVEYOU virus affected more than 500,000 systems and led to $15bn worth of damage.

The Council of Europe drafted a Cybercrime Treaty to define cyber crimes committed using the internet.

A DDoS attack struck 13 DNS root servers, knocking out five. It was the first attempt to disable the internet.

US Presidential and Homeland Security directives primed a national initiative to counter network attacks.

US retailer Target suffered a massive data breach, exposing the data of 40 million credit card customers.

More breaches emerged at the US Office of Personnel Management, TalkTalk, and the dating site Ashley Madison.

Yahoo announced a 2013 breach in which hackers stole personal details from one billion user accounts.  

The EU adopted the NIS (Network and Information Security) Directive, its first EU-wide cybersecurity legislation.

A bad year for attacks, with ransomware exploits almost doubling from 82,000 in 2016 to 160,000 in 2017.  

The WannaCry ransomware attack infected an estimated 300,000 computer systems in four days.

Research revealed security flaws in every computer chip made in the last 20 years.  

In May 2018, the General Data Protection Act (GDPR) came into force across EU countries.

British Airways was fined $230m, and Marriott Hotels was fined $123m for GDPR breaches.  

Hackers demanded $76,000 in bitcoin after a ransomware attack froze systems in Baltimore.

The threat of the Covid-19 virus forced companies worldwide into a sudden shift to remote working.  

Cyberattacks on remote workers increased in frequency and intensity.  

The Information Commissioner reduced British Airways’ data breach fine to £20m. 

Hackers broke into vendor SolarWind's systems and added malicious code to the company's software system. SolarWinds unwittingly sent out software updates to customers that included the hacked code.

Ransomware group Darkside attacked fuel group Colonial Pipeline, causing gas shortages and price spikes.

Ukraine began to face cyberattacks ahead of Russia’s invasion in February.  

A cyberattack hit Poland’s senate after it adopted a resolution deeming Russia a terrorist regime.

The zero-trust security model will have been implemented in most organizations, at least in part.

In most countries, legislation regulating ransomware payments, fines, and negotiations will be in place. 

According to Cybersecurity Ventures, global cybercrime will reach $10.5tr annually by 2025.

Cybersecurity revenues will reach $344bn, according to GlobalData forecasts.