The history of hacking is scary, but also oddly funny. Read about some of the most shocking hacks and how they taught us about cybersecurity.
As acquainted with technology as we are nowadays, the stories of how certain historical hacks took place still fascinate and amaze us. Who isn’t shocked at hearing that the first hack happened over a century ago? And don’t even start looking into the current malicious worms that threaten security systems: a look into the ILoveYou worm or IoT (Internet of Things) attacks will be enough to keep you up at night.
But learning about hacking is the best way to prepare for future threats, so we’ve put together a list of the most significant and most infamous hacks in history!
Just as there’s not a clear, widely agreed-upon date for when the use of ‘hackable’ computer technology began, the muddy beginnings of hacking can be traced all the way back to the start of ‘secure’ massive telecommunication networks around the 20th century. As early as 1903, Nevil Maskelyne sabotaged a public demonstration of wireless telegraphy by none other than Marconi, the patent-holder for the invention of radio!
Phone phreakers also deserve a mention in the history of hacking. Phreaking began in the 50’s, when phone line restrictions were put in place for long-distance calls. AT&T’s implementation of automatic switches made tone dialing for long-distance phone calls widespread: simply put, specific audio tones signaled different commands to the system. In the late 60’s, a 7-year-old with perfect pitch nicknamed ‘Joybubbles’ accidentally discovered that he could hack the system by whistling the right tone into the phone, creating a precedent for experimentation. It was even discovered that the whistles given out in Cap’n Crunch boxes emitted the perfect 2600 Hz tone. You read that right: cereal gift toys were used for early hacking!
But as wacky as the first hacking events were, things soon took a turn toward much bigger, much more compromising data leaks and cybercrimes once modern computer technology became widely used at the end of the century.
The 1980’s were a decade of chaos: serious hacking incidents against official institutions like the North American Aerospace Defense Command (NORAD) arose and gained media visibility, the first cases reached tribunals, and legal systems had to be updated on the go, amidst public turmoil and panic around figures like Kevin Mitnick, Markus Hess, and the 414s. Interestingly, many hackers didn’t do it for criminal reasons: some of the most notorious hackers liked to challenge themselves, poke around and leave mocking notes inside supposedly secure networks.
An odd example of this brand of hackers is that of Gary ‘Solo’ McKinnon, a Scottish hacker who in 2001 and 2002 wreaked havoc by hacking into US military and NASA computers, the biggest military hack to date. For months, he disrupted military activity, with the affected authorities alleging that he deleted critical files, brought connections down, and paralyzed actions. His objective? To find evidence for conspiracy theories such as UFO cover-ups, ‘free energy’ suppression, and antigravity technology.
In the 1990’s, things started to escalate even further. The first big hack of a financial entity took place in 1994, when Vladimir Levin, a Russian hacker, hacked into a number of corporate Citibank accounts via their phone system and transferred nearly $10 million to accounts all around the world, though nearly all of it was later recovered.
But if we had to choose a hack into a corporation that revealed how flawed security systems were (and still are!) when it comes to protecting user data, we’d have to look at the great Yahoo data breaches of 2013 and 2014. They are still considered the largest breaches in the history of the internet, with all 3 billion Yahoo accounts being hacked, a number that wasn’t revealed until years later, when Verizon acquired the company and made the information public. This sparked conversations about damage control and corporate responsibilities in the face of cybercrime, and whether we can trust big companies to not just protect our data, but also inform us when leaks take place.
Public infrastructure is a very common target for hacking attacks, both by independent hackers (for financial reasons) and by other countries (usually for purposes of sabotage and espionage).
The Colonial Pipeline ransomware attack revealed how dangerous the gaps in public infrastructure security can be. This pipeline, which carries nearly half of all fuel consumed on the American East Coast, suddenly became unable to bill customers when its billing infrastructure was targeted, forcing a halt. Additionally, sensitive stolen data was held over the company’s head, and it paid a ransom of 75 Bitcoin ($5 billion) to get the decryption tool. Still, they weren’t able to fix the issue quickly, causing fuel shortages and price spikes all over the country.
Recent history is rife with infrastructure attacks such as the ones that hit the Ukrainian power grid in 2015 and 2016, cutting power to parts of the country for hours; or the Stuxnet attacks, a computer worm that caused significant damage to Iranian nuclear infrastructure in 2010, ruining nearly a fifth of the country’s nuclear centrifuges.
Google, as one of the biggest service providers on the internet, is constantly subject to attacks in record numbers, the latest being in June 2022: the biggest DDoS attack in history, no less!
Distributed denial-of-service (DDoS) attacks aim to overwhelm servers with spam traffic: networks of zombie computers (bots, which form a botnet) simultaneously flood a site with requests, resulting in a collapse and a denial of service to other users. The technical capacity for bigger and bigger such events keeps growing: this attack sent around 46 million requests per second at its peak. As Google employees described it in the report, that’s equivalent to receiving all of the daily requests to Wikipedia in just 10 seconds. This attack was 76% larger than the one previously considered the largest to date, which had happened under a month before!
While Google managed to defend itself against the attack, without the service being taken down, it’s becoming evident that the threat of hacking is growing exponentially.
Just about every new technology has met its hacker promptly, and blockchain technology, the basis of cryptocurrency, is no different. Like any technology that develops this rapidly and competitively, gaps are left for security breaches, scam currencies, and other schemes that might put users at risk, especially if large quantities of money are involved. Mishaps like the chaotic Nomad hack take place, where an upgrade accidentally marked the zero hash as a valid root, allowing hackers to copy-paste transactions and get them marked as valid: the crypto equivalent of setting the admin PIN to 0000.
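To make the zero-hash mistake concrete, here is an added example (a simplified Python model, not Nomad's contract code and not part of the original article) showing why trusting the zero root lets a never-proven message through, and how an explicit check stops it. The class, method and message names are hypothetical, and the model assumes that a message nobody has proven reads back as the zero root.

```python
import hashlib

ZERO_ROOT = b"\x00" * 32  # the "zero hash"


class Bridge:
    """Simplified model; not Nomad's contract code. All names are hypothetical."""

    def __init__(self, trusted_roots, reject_zero_root):
        self.trusted_roots = set(trusted_roots)  # roots marked as valid
        self.proven = {}        # message digest -> root it was proven under
        self.processed = set()  # replay protection
        self.reject_zero_root = reject_zero_root

    def prove(self, message, root):
        # Merkle proof checking is omitted; only the bookkeeping is modelled.
        self.proven[hashlib.sha256(message).digest()] = root

    def process(self, message):
        """Return True if the message is accepted for execution."""
        digest = hashlib.sha256(message).digest()
        if digest in self.processed:
            return False
        # Assumption of this model: a message that was never proven reads
        # back as the zero root, like an unset storage slot.
        root = self.proven.get(digest, ZERO_ROOT)
        if self.reject_zero_root and root == ZERO_ROOT:
            return False  # hardened: "never proven" can never pass
        if root not in self.trusted_roots:
            return False
        self.processed.add(digest)
        return True


def demo():
    good_root = hashlib.sha256(b"constructed sample root").digest()
    proven_msg = b"transfer 1 token to alice"  # constructed sample
    unproven_msg = b"transfer 1 token to bob"  # constructed, never proven
    results = {}
    # Both bridges repeat the mistake of trusting the zero root.
    for name, strict in (("flawed", False), ("hardened", True)):
        bridge = Bridge({good_root, ZERO_ROOT}, reject_zero_root=strict)
        bridge.prove(proven_msg, good_root)
        results[name] = (bridge.process(proven_msg), bridge.process(unproven_msg))
    return results


if __name__ == "__main__":
    print(demo())
```

Each result pair is (proven message accepted, unproven message accepted); the hardened bridge still accepts the legitimately proven message while refusing the one that was never proven.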
In the most significant crypto hack to date, the Ronin Network theft of March 2022, hackers compromised several systems to validate the multiple signatures required for transactions. The factors that contributed to this theft of $624 billion in ETH and USDC were not all that uncommon: a very centralized system, requiring few authorizations, and old permissions that weren’t revoked. Moreover, Ronin didn’t have proper monitoring systems in place: they only realized they’d been hacked after a user, unable to withdraw funds, tipped them off.
Studying the most significant hacks in history not only gives us great insight into the flaws of our digital systems and how we can cover them up: it also questions the way we construct secure structures, and has a massive impact on how new, smarter technologies are developed.
A great number of the most infamous hackers in history have turned to white hat hacking, or ethical hacking. Turns out the best way to figure out the flaws in your system is to attempt to break in! For this reason, companies often seek out professional hackers, even organizing contests and hiring whoever infiltrates the system and gives the most insights on how improvements can be made. Ethical hackers also hold strong values related to free information (without harming individuals indiscriminately!), free education, and decentralization and digital autonomy, understood as opposition to centralized infrastructures owned by a small number of massive, powerful companies. The open source community is closely tied to this philosophy, and open source initiatives have led some of the greatest and most impactful advances in the technology that is available today.