Ancient History – WWII
Many believe that information security is a new discipline. In fact, Information Security or INFOSEC began with man’s first invention of technology. That technology was valuable and needed to be protected from loss, misuse or breach to another culture. The first spearhead design had to be protected:
- Confidentiality: you couldn’t let the neighboring civilization get the design or risk losing advantage
- Integrity: you needed to protect the design and make sure it created reliable products
- Availability: you needed the design to be in more than one person’s head or risk losing the technology completely.
- Safety: you needed to protect the children and innocents from being hurt with the technology
INFOSEC’s core tenets were born: Confidentiality, Integrity, Availability and Safety.
INFOSEC carried on much this way, protecting weapons technology, for millennia. The face of INFOSEC changed in the years before World War II when communications technology began to be used for military purposes. Defenders invented more sophisticated encryption technologies and attackers invented ways to break the encryption.
The first known “computer hack” was in the 1930’s when a group of Polish codebreakers cracked an early version of the German “Enigma” code. Later in 1940, the British and Americans cracked the more complex German Enigma machines by intercepting and analyzing weather transmissions from the German Navy. These early hacking teams played an important role in the outcome of WWII and paved the way for both the IT and Cybersecurity fields.
1940s – 1960s
After WWII, much research went into the nascent field of computers. Computers evolved from mechanical gear-driven machines to vacuum-tube monsters that filled entire rooms and buildings. Security was still dedicated to encryption and protection of national secrets.
The first computer security problem occurred in the early 1960s when a researcher using a mainframe simply printed out the user and password list rather than the report that was supposed to be delivered. This was the beginning of a series of “hacks” where computer scientists subverted resources or otherwise breached systems.
The systems were isolated at that time, and limited to computer scientists, so the damage was relatively small. The landscape changed forever at 10:30 PM on October 29th, 1969 when ARPANET was born and the Internet spoke its first words.
In the next part of this series, we will examine how cybersecurity evolved from a military / warfare focus to an information science with the invention of e-mail, networks and passwords.