January 28, 2008
—
CSO
—
By Katherine Walsh
Given the headlines lately, you could be forgiven for thinking that the biggest, baddest events in the history of computer security have all happened within the last few years. After all, there have been so many hacks disclosed that Stephen Northcutt of SANS recently observed, “The way we are going, there are only going to be a couple hundred people of any significant net worth in the United States that have not had their details lost in a privacy breach--and they are going to prove to be so ultra paranoid they never borrowed money or had a credit card.”
In reality, the history of the most significant hacks, malware and other security bungles stretches back a lot further than the oft-cited chronology breaches compiled by the Privacy Rights Clearinghouse. That’s why we’ve put together this list of the worst, but most important, moments in computer security--a sort of cynics’ guide through the history of information security.
Some of the items on the list were chosen because of their legislative impact or technical sophistication. Others were picked as a result of the media attention they received, and still others because of the focus they brought to important security issues. One even happened well before computers became a personal item, back when the Internet had a mere 60,000 connections. But each event, in its own way, is one that we at CSO think is momentous.
Of course the list is arguable. That’s half the fun.
1971: Captain Crunch Whistle
Phone phreaker (a term for a subculture of people who, ahem, experiment with telecom systems) John Draper discovered that a toy whistle packaged in boxes of cereal could be modified to emit a tone at 2600 hertz. That was the same frequency used by phone companies to indicate that a trunk line was available to route a new call. Blowing the whistle into the telephone receiver would disconnect one end of the trunk, allowing the side that was still connected to enter an operator mode (a useful function for maintenance and repair personnel as well as phreakers).
“The problem was that the telcos allowed this to be sent in-band, and thus end customers could create and ’transmit’ these signals as well. Although most of this has been moved to out-of-band signaling, this problem still exists for many older switches, some in the states and several places overseas,” says Mudge, a hacker turned computer researc
Data Center Directions Virtual Conference
Attend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.
The Surest Path to Effective and Efficient Compliance
In this webcast, we explore why and how — with best practices, practical tips and solutions that work — to ease your compliance challenge.
Prudential Financial Protects its Brand with Symantec Data Loss Prevention Solutions
FORTUNE 100 insurance leaders rely on Symantec.Information Security: Data Drains and How to Prevent Loss
Do you know where your confidential data is?Data Loss Prevention: Keeping Sensitive Data Out of the Wrong Hands
Learn what the thought-leaders at PricewaterhouseCoopers have to say.7 Requirements of Data Loss Prevention
Incorporate best practices from many companies using DLP solutions.Ponemon Study: How Much Does a Data Breach "Cost"?
35 U.S. organizations that lost confidential information and had a regulatory requirement to publicly notify affected individuals are studied in this report.
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
Data Loss Prevention
-
November 13, 2008The Roosevelt HotelRegister now »
New York, NY 10017
(ISC)2 members can earn up to 6 CPE Credits
Reference priority code ONLINE and attend this program as our guest — that's a $295 savings!
