Timeline of hacker history

From Wikipedia, the free encyclopedia

This article or section may require cleanup to meet Wikipedia's quality standards.
Please help improve this article or replace this tag with a more specific message. This article has been tagged since December 2005. (help, talk)

This article or section is missing citations and/or footnotes.

To meet Wikipedia's style guidelines and conform to our policies regarding neutral point of view, original research, and verifiability, please provide appropriate inline citations and/or footnotes.
For guidance in this area, see Wikipedia:Footnotes#How to use.
This article has been tagged since December 2006.

This is a timeline of hacker history. Hacking and system cracking appeared with the first electronic computers. Below are some important events in the history of hacking and cracking.

1 Introduction
2 1970s
- 2.1 1971
- 2.2 1972
- 2.3 1973
- 2.4 1978
3 1980s
- 3.1 1981
- 3.2 1982
- 3.3 1983
- 3.4 1984
- 3.5 1985
- 3.6 1986
- 3.7 1987
- 3.8 1988
- 3.9 1989
4 1990s
- 4.1 1990
- 4.2 1991
- 4.3 1992
- 4.4 1993
- 4.5 1994
- 4.6 1995
- 4.7 1996
- 4.8 1997
- 4.9 1998
- 4.10 1999
5 2000s
- 5.1 2000
- 5.2 2001
- 5.3 2002
- 5.4 2003
- 5.5 2004
- 5.6 2005
- 5.7 2006

[edit] Introduction

This timeline is entitled "Hacker history", but it encompasses infamous cyber attacks by crackers and groundbreaking legal rulings, as well as advances within the information security realm, covering basic inter-network computing as well as other technologies such as telecommunications. The timeline of hacker history focuses on milestones and delivers an overview of events that have altered the way in which information security is seen today, whether negative or positive.

This page will not list every single detail, nor seemingly insignificant events, and therefore should never be considered a complete timeline of hacking or information security.

[edit] 1970s

[edit] 1971

a Vietnam War veteran named John Draper discovers that the give-away whistle in Cap'n Crunch cereal boxes perfectly reproduces a 2600 hertz tone. Draper builds a "blue box" that, when used with the whistle and sounded into a phone receiver, allows phreaks to make free calls. Shortly afterwards, Esquire magazine publishes "Secrets of the Little Blue Box" with instructions for making a blue box, and wire fraud in the United States escalates.

[edit] 1972

Abbie Hoffman helps found The Youth International Party Line newsletter. Hoffman's publishing partner, Al Bell, changed the YIPL newsletter's name to TAP, for Technical Assistance Program.
The InterNetworking Working Group is founded to govern the standards of the developing network. Vinton Cerf is the chairman and is known as a "Father of the Internet."

[edit] 1973

College kids Steve Wozniak and Steve Jobs, future founders of Apple Computer, begin making and selling blue boxes.

[edit] 1978

First report of teen-age boys being kicked off the telephone system for pranks. Also, this is when "hacker" is first termed because boys first ran the early switchboards of Bell telephones. They were kicked off because they were misdirecting calls and listening in on conversations.
Bulletin boards with names such as Sherwood Forest and Catch-22 become the venue of choice for phreaks and hackers to gossip, trade tips, and share secret phone numbers, computer passwords, and even credit card numbers.
Susan Thunder is one of the early "phone phreakers", part of Kevin Mitnick’s crew who break into phone lines.

[edit] 1980s

[edit] 1981

Chaos Computer Club forms in Germany.

[edit] 1982

In Milwaukee a group of six teenage hackers calling themselves the 414's (their area code) break into some 60 computer systems at institutions ranging from the Los Alamos Laboratories to Manhattan's Memorial Sloan-Kettering Cancer Center before being arrested.

[edit] 1983

Movie WarGames introduces the wider public to the phenomenon of hacking and creates a degree of mass paranoia of hackers and their supposed abilities to bring the world to a screeching halt by launching nuclear ICBM's.
Secret Service gets jurisdiction over credit card and computer fraud.

[edit] 1984

Someone calling himself Lex Luthor founds the Legion of Doom. Named after a Saturday morning cartoon, the LOD had the reputation of attracting "the best of the best" — until one of the gang's brightest young acolytes, a kid named Phiber Optik, feuded with Legion of Doomer Erik Bloodaxe and got tossed out of the clubhouse. Phiber's friends formed a rival group, the Masters of Deception.
The Comprehensive Crime Control Act gives the Secret Service jurisdiction over computer fraud.
CULT OF THE DEAD COW forms in Lubbock, Texas and begins publishing its ezine.
The hacker magazine 2600 begins regular publication, right when TAP was putting out its final issue. The editor of 2600, "Emmanuel Goldstein" (whose real name is Eric Corley), takes his handle from the leader of the resistance in George Orwell's 1984. The publication provides tips for would-be hackers and phone phreaks, as well as commentary on the hacker issues of the day. Today, copies of 2600 are sold at most large retail bookstores.
The first Chaos Communication Congress, the annual European hacker conference organized by the Chaos Computer Club, is held in Hamburg

[edit] 1985

The online 'zine Phrack is established.
The Hacker's Handbook is published in the UK

[edit] 1986

After more and more break-ins to government and corporate computers, Congress passes the Computer Fraud and Abuse Act, which makes it a crime to break into computer systems. The law, however, does not cover juveniles.
Arrest of a hacker who calls himself The Mentor. He published a now-famous treatise shortly after his arrest that came to be known as the Hacker's Manifesto in the e-zine entitled Phrack. This still serves as the most famous piece of hacker literature and is frequently used to illustrate the mindset of hackers.

[edit] 1987

Decoder magazine begins in Italy.
The Computer Emergency Response Team (CERT) is created to address network security.

[edit] 1988

The Morris Worm: Robert T. Morris, Jr. (RTM), a graduate student at Cornell University and son of a chief scientist at a division of the National Security Agency, launches a self-replicating worm on the government's ARPAnet (precursor to the Internet) to test its effect on UNIX systems. The worm gets out of hand and spreads to some 6000 networked computers, clogging government and university systems. Morris is dismissed from Cornell, sentenced to three years' probation, and fined $10,000.
Kevin Mitnick secretly monitors the e-mail of MCI Communications and Digital Equipment Corporation (DEC) security officials. Kevin Mitnick is convicted of violating computer network of DEC and sentenced to a year in jail.
Kevin Poulsen — was indicted on phone-tampering charges. Kevin went on the run and avoided capture for 17 months.
First National Bank of Chicago is the victim of $70-million computer theft.

[edit] 1989

The Germans and the KGB: In the first cyberespionage case to make international headlines, hackers in West Germany (loosely affiliated with the Chaos Computer Club) are arrested for breaking into U.S. government and corporate computers and selling operating-system source code to the Soviet KGB. Three of them are turned in by two fellow hacker spies, and a fourth suspected hacker commits suicide when his possible role in the plan is publicized. Because the information stolen is not classified, the hackers are fined and sentenced to probation. In a separate incident,
Fry Guy is raided by law enforcement; police hunt for Legion of Doom hackers.
Jude Milhon (aka St Jude) and R. U. Sirius launch Mondo 2000, a major '90s tech-lifestyle magazine, in Berkeley, California.

[edit] 1990s

[edit] 1990

Operation Sundevil introduced. After a prolonged sting investigation, Secret Service agents swoop down on organizers and prominent members of BBSs in 14 U.S. cities including the Legion of Doom, conducting early-morning raids and arrests. The arrests involve and are aimed at cracking down on credit-card theft and telephone and wire fraud. The result is a breakdown in the hacking community, with members informing on each other in exchange for immunity. The offices of Steve Jackson Games are also raided, and the role-playing sourcebook GURPS Cyberpunk is confiscated, possibly because the government fears it is a "handbook for computer crime". Legal battles arise that prompt the formation of the Electronic Frontier Foundation.
LOD and MOD engaged in almost two years of online warfare — jamming phone lines, monitoring calls, trespassing in each other's private computers. Then the Feds cracked down. For Phiber and friends, that meant jail.

[edit] 1991

Rumors circulate about the "Michelangelo" virus, expected to crash computers on March 6, 1992, the artist's 517th birthday. Doomsday passes without incident.
Kevin Poulsen is captured and indicted for stealing military documents.
Former Legion of Doom members Patrick K. Kroupa (Lord Digital) and Bruce Fancher (Dead Lord) found MindVox.
resulted in jail sentences for four members of the Masters of Deception. Phiber Optik spent a year in federal prison.

[edit] 1992

Release of the movie Sneakers, in which security experts are blackmailed into stealing a universal decoder for encryption systems.
MindVox opens to the public.
Hackers break into GAFB, NASA and KARI.

[edit] 1993

During radio station call-in contests, hacker-fugitive Kevin Poulsen and two friends rig the stations' phone systems to let only their calls through, and "win" two Porsches, vacation trips, and $20,000. Poulsen, already wanted for breaking into phone-company systems, serves five years in prison for computer and wire fraud.
Texas A&M University professor receives death threats because a hacker used his computer to send 20,000 racist e-mails.
The first DEF CON hacking conference takes place in Las Vegas. The conference is meant to be a one-time party to say good-bye to BBSs (now replaced by the Web), but the gathering is so popular it becomes an annual event.
AOL gives its users access to USENET, precipitating Eternal September.

[edit] 1994

Summer: Russian crackers siphon $10 million from Citibank and transfer the money to bank accounts around the world. Vladimir Levin, the 30-year-old ringleader, uses his work laptop after hours to transfer the funds to accounts in Finland and Israel. Levin stands trial in the United States and is sentenced to three years in prison. Authorities recover all but $400,000 of the stolen money.
Hackers adapt to emergence of the World Wide Web quickly, moving all their how-to information and hacking programs from the old BBSs to new hacker Web sites.
AOHell is released, a freeware application that allows a burgeoning community of unskilled script kiddies to wreak havoc on America Online. For days, hundreds of thousands of AOL users find their mailboxes flooded with multi-megabyte mail bombs and their chat rooms disrupted with spam messages.

[edit] 1995

February: Kevin Mitnick is arrested again. This time the FBI accuses him of stealing 20,000 credit card numbers. Kevin Mitnick is incarcerated on charges of "wire fraud and illegal possession of computer files stolen from such companies as Motorola and Sun Microsystems" He is held in prison for four years without a trial.
The movies The Net and Hackers are released.
United States Department of Defense computers sustain 250,000 attacks by hackers.
Hackers deface federal web sites.

[edit] 1996

Kevin Poulsen is cleared of the military hacking charges and released. He starts a career as a freelance journalist.
Hackers alter Web sites of the United States Department of Justice (August), the CIA (October), and the U.S. Air Force (December).
Canadian hacker group, Brotherhood, breaks into the Canadian Broadcasting Corporation.
The U.S. General Accounting Office reports that hackers attempted to break into Defense Department computer files some 250,000 times in 1995 alone. About 65 percent of the attempts were successful, according to the report.
The MP3 format gains popularity in the hacker world. Many hackers begin setting up sharing sites via FTP, Hotline, IRC and USEnet.

[edit] 1997

A 15-year-old Croatian youth penetrates computers at a U.S. Air Force base in Guam.
December: Information Security publishes first issue.
Hackers get into Microsoft's Windows NT operating system.
In response to the MP3 popularity, the Recording Industry Association of America begins cracking down on FTPs. The RIAA begins a campaign of lawsuits shutting down many of the owners of these sites including the more popular ripper/distrubutors The Maxx (Germany, Age 14), Chapel976 (USA, Age 15), Bulletboy (UK, Age 16), Sn4rf (Canada, Age 14) and others in their young teens via their ISPs. Their houses are raided and their computers and modems are taken. The RIAA fails to cut off the head of the MP3 beast and within a year and a half, Napster is released.

[edit] 1998

A woman who goes by the handle Natasha Grigori started out in the early starts running a bulletin-board system for those involved in the unauthorized distribution of software. Now, at age “40-plus,” she’s the founder of antichildporn.org [1], a group of hackers who use their skills to track kiddie-porn distributors and pass the information on to law enforcement.
January: Yahoo! notifies Internet users that anyone visiting its site in recent weeks might have downloaded a logic bomb and worm planted by hackers claiming a "logic bomb" will go off if Mitnick is not released from prison.
January: Anti-hacker runs during Super Bowl XXXII
February: The Internet Software Consortium proposes the use of DNSSEC (domain-name system security extensions) to secure DNS servers.
During heightened tensions in the Persian Gulf, hackers touch off a string of attacks against Pentagon computers, dubbed the Solar Sunrise. This leads to the establishment of round-the-clock, online guard duty at major military computer sites. U.S. Deputy Defense Secretary John Hamre called it "the most organized and systematic attack" on U.S. military systems to date^{[citation needed]}. An investigation points to two American teens. A 19-year-old Israeli hacker who calls himself The Analyzer (aka Ehud Tenenbaum) is eventually identified as their ringleader and arrested. Tenenbaum is later made chief technology officer of a computer consulting firm.
March: Timothy Lloyd is indicted for planting a logic bomb on the network of Omega Engineering and causing millions in damage.
Hackers alter The New York Times Web site, renaming it HFG (Hacking for Girlies). The hackers express anger at the arrest and imprisonment of Kevin Mitnick, the subject of the book "Takedown" co-authored by Times reporter John Markoff.
Two hackers are sentenced to death by a court in China for breaking into a bank computer network and stealing 260,000 yuan ($31,400).
June: Information Security publishes its first annual Industry Survey, finding that nearly three-quarters of organizations suffered a security incident in the previous year.
July: Hackers break into United Nations Children Fund Web site threatening "holocaust."
August: The hacking group CULT OF THE DEAD COW releases its Trojan horse program, Back Orifice at DEF CON. Once a user installs the Trojan horse on a machine running Windows 95 or Windows 98, the program allows unauthorized remote access of the machine.
October: "U.S. Attorney General Janet Reno announces National Infrastructure Protection Center."
December: L0pht testifies to the senate that it could shut down nationwide access to the Internet in less than 30 minutes.
December 29: the Legions of the Underground (LoU) declared cyberwar on Iraq and China with the intention of disrupting and disabling internet infrastructure.

[edit] 1999

Software Security Goes Mainstream In the wake of Microsoft's Windows 98 release, 1999 becomes a banner year for security (and hacking). Hundreds of advisories and patches are released in response to newfound (and widely publicized) bugs in Windows and other commercial software products. A host of security software vendors release anti-hacking products for use on home computers.
The Electronic Civil Disobedience project, an online political performance-art group, attacks the Pentagon calling it conceptual art and claiming it to be a protest against the U.S. support of the suppression of rebels in southern Mexico by the Mexican government. ECD uses the FloodNet software to bombard its opponents with access requests.
Classified computer systems at Kelly Air Force Base in San Antonio, Texas, come under attack from a number of locations around the world, but the attacks were detected and stopped by newly developed Defense Department systems.
U.S. Information Agency Web site is hacked for the second time in six months. The hacker circumvented the agency's Internet security and damaged the hard drive, leaving behind the message "Crystal, I love you" and the signature "Zyklon."
Rep. Curt Weldon, R-Pennsylvania, says Defense Department computers are under a "coordinated, organized" attack from hackers. "You can basically say we are at war", he said.
U.S. President Bill Clinton announces a $1.46 billion initiative to improve government computer security. The plan would establish a network of intrusion detection monitors for certain federal agencies and encourage the private sector to do the same.
Kevin Mitnick, detained since 1995 on charges of computer fraud, signs plea agreement.
Made-for-TV movie Pirates of Silicon Valley is shown on TNT, which starts out with the Blue Box hacking days of Steve Wozniak.
January 7: an international coalition of hackers (including CULT OF THE DEAD COW, 2600 's staff, Phrack's staff, L0pht, and the Chaos Computer Club) issued a joint statement ([2]) condemning the LoU's declaration of war. The LoU responded by withdrawing its declaration.
March: The Melissa worm is released and quickly becomes the most costly malware outbreak to date.
April: The U.S. Justice Department declines to prosecute former CIA Director John Deutch for keeping 31 secret files on his home computer after he left office in 1996.
July: CULT OF THE DEAD COW releases Back Orifice 2000 at DEF CON
September: Level Seven hacks The US Embassy in China's Website and places racist, anti-government slogans on embassy site in regards to 1998 U.S. embassy bombings. [3]
October: American Express introduces the "Blue" smart card, the industry's first chip-based credit card in the US.
Unidentified hackers seized control of a British military communication satellite and demanded money in return for control of the satellite.
December: David L. Smith pleads guilty to creating and releasing the Melissa virus. It's one of the first times a person is prosecuted for writing a virus.

[edit] 2000s

[edit] 2000

January: A Russian cracker attempts to extort $100,000 from online music retailer CD Universe, threatening to expose thousands of customers' credit card numbers, posting them on a website after the attempt to extort money from the company failed. Barry Schlossberg (AKA Lou Cipher) is successful at getting $1.4M from CD Universe for "services rendered", in an attempt to "catch the Russian hacker".
Second week of February: In the first and one of the biggest denial-of-service attacks to date, Canadian hacker MafiaBoy launches successful distributed denial-of-service (DDoS) attack taking down several high-profile Web sites, including Amazon, CNN and Yahoo!.
Activists in Pakistan and the Middle East deface Web sites belonging to the Indian and Israeli governments to protest oppression in Kashmir and Palestine.
Hackers break into Microsoft's corporate network and access source code for the latest versions of Microsoft Windows and Microsoft Office software. It is later released to several filesharing networks. The Register splashes with the immortal (and suppositional) headline: 'M$ hacked! Russian Mafia swipes WinME source'.
March: President Clinton says that he doesn't use e-mail to communicate with his daughter Chelsea Clinton at college because he doesn't think the medium is secure.
April: The U.S. Department of Justice unveils a portal that notes the government's position on Internet security and privacy issues, tracks prosecution of cybercriminals and provides guidelines for cybercrime investigations.
May: a new virus appeared that spread rapidly around the globe. The "I Love You" virus infected image and sound files and spread quickly by causing copies of itself to be sent to all individuals in an address book.
June: President Clinton signs the "Electronic Signatures in Global and National Commerce" (E-Sign) into law, making digital signatures legally binding.
June: The Honeynet Project, led by Lance Spitzner, launches, collecting hacking intelligence through a network of decoy servers.
July: The SANS Institute releases its first "Top 10 Vulnerabilities" list, denoting the most prevalent problems exploited by hackers.
Jennifer Granick is an in-demand lawyer who explains hackers’ rights to them at conventions.
A 19-year-old Midwestern law student who calls herself ViXen900 is a member of the HNC hackers’ group and advises them on legal issues.
Kevin Mitnick is released from prison.

[edit] 2001

Microsoft becomes the prominent victim of a new type of crack that attacks the domain name server. In these denial-of-service attacks, the DNS paths that take users to Microsoft's Web sites are corrupted. The hack is detected within a few hours, but prevents millions of users from reaching Microsoft Web pages for two days.
January: Port7Alliance is born.
February: A Dutch cracker releases the Anna Kournikova virus, initiating a wave of viruses that tempts users to open the infected attachment by promising a sexy picture of the Russian tennis star.
March: FBI agent Robert P. Hanssen is charged with using his computer skills and FBI access to spy for the Russians.
March: The L10n worm is discovered in the wild attacking older versions of BIND DNS.
April: FBI agents trick two Russian crackers into coming to the U.S. and revealing how they were cracking U.S. banks.
May:
- Spurred by elevated tensions in Sino-American diplomatic relations, U.S. and Chinese hackers engage in skirmishes of Web defacements that many dub "The Sixth Cyberwar".
- Crackers begin using "pulsing" zombies, a new DDoS method that has zombie machines send random pings to targets rather than flooding them, making it hard to stop attacks.
- AV experts identify Sadmind, a new cross-platform worm that uses compromised Sun Solaris boxes to attack Windows NT servers.
July: Russian programmer Dmitry Sklyarov is arrested at the annual Def Con hacker convention. He is the first person criminally charged with violating the Digital Millennium Copyright Act (DMCA).
August: Code Red worm, infects tens of thousands of machines.
September: The World Trade Center and Pentagon terrorist attacks spark lawmakers to pass a barrage of anti terrorism laws many of which group Hackers as terrorists and remove many long standing personal freedoms in the name of safety.
September: Nimda, a new memory-only worm, wreaks havoc on the Internet, quickly eclipsing Code Red's infection rate and recovery cost.
November:
- Microsoft, other major software vendors, and commercial security research organizations propose "responsible disclosure" guidelines as an alternative to "full disclosure" of security vulnerabilities.
- The European Union adopts the controversial cybercrime treaty, which makes the possession and use of hacking tools illegal.

[edit] 2002

January: Bill Gates decrees that Microsoft will secure its products and services, and kicks off a massive internal training and quality control campaign.
February: As part of its Trustworthy Computing initiative, Microsoft shuts down all Windows development, sending more than 8,000 programmers to security training.
April: The U.S. Army initiates the "Mannheim Project", an effort to better consolidate and secure the military's IT assets from cyber-warfare.
May: Klez.H, a variant of the worm discovered in November 2001, becomes the biggest malware outbreak in terms of machines infected, but causes little monetary damage.
June: The Bush administration files a bill to create the Department of Homeland Security, which, among other things, will be responsible for protecting the nation's critical IT infrastructure.
July: An Information Security survey finds that most security practitioners favor full disclosure because it helps them defend against hacker exploits and puts pressure on software vendors to improve their products.
August: Researcher Chris Paget publishes a paper describing "shatter attacks", detailing how Windows' unauthenticated messaging system can be used to take over a machine. The paper raises questions about how securable Windows could ever be.
September: The White House's Office of Homeland Security releases a draft of the "National Strategy to Secure Cyberspace", which many criticize as being too weak.
October: The International Information Systems Security Certification Consortium - (ISC)2 - confers its 10,000th CISSP certification.

[edit] 2003

March: CULT OF THE DEAD COW and Hacktivismo are given permission by the United States Department of Commerce to export software utilizing strong encryption.
August 23: Jesus Oquendo "sil" of AntiOffline releases "BRAT" Border Router Attack Tool as part of "Theories in Denials of Service in an effort to make administrators aware of the possibility of a worm attack tool capable of breaking backbone routes on the Internet
December 18: Milford Man pleas guilty to hacking.

[edit] 2004

March: Myron Tereshchuk is arrested for attempting to extort $17 million from Micropatent. FBI agents find explosives and biological weapons in the course of the raid.
July 13: InformationLeak.net [4] is born and encompasses the ideals held by many of the groups from the so called golden age of hacking.

[edit] 2005

September 15: An unnamed teenager is sentenced to 11 months for gaining access to T-Mobile USA's network and exploiting Paris Hilton's sidekick. It turned out this teen was also responsible for breaking into data broker LexisNexis' system in January.
November 4: Jeanson James Ancheta, who prosecutors say was a member of the "Botmaster Underground", a group of script kiddies who are mostly noted for their excessive use of bot attacks and propagating vast amounts of spam, was taken into custody after being lured to FBI offices in Los Angeles. [5]

[edit] 2006

January: One of the few worms to take after the old form of malware, destruction of data rather than the accumulation of zombie networks to launch attacks from, is discovered. It had various names, including Kama Sutra (used by most media reports), Black Worm, Mywife, Blackmal, Nyxem version D, Kapser, KillAV, Grew and CME-24. The worm would spread through e-mail client address books, and would search for documents and fill them with garbage, instead of deleting them to confuse the user. It would also hit a web page counter when it took control, allowing the programmer who created it as well as the world to track the progress of the worm. It would replace documents with random garbage on the third of every month. It was hyped by the media but actually affected relatively few computers, and was not a real threat for most users.
February: Direct-to-video film The Net 2.0 is released, as a sequel to The Net, following the same plotline, but with updated technology used in the film, using different characters, and different complications. The same director of The Net is the director of The Net 2.0.
May: Jeanson James Ancheta receives a 57 month prison sentence, and is ordered to pay damages amounting to $15,000.00 to the Naval Air Warfare Center in China Lake and the Defense Information Systems Agency, for damage done due to DDoS attacks and hacking. He will be on supervised release for three years with limited access to computers and the Internet as he works on repaying those agencies. Ancheta also had to forfeit his gains to the government, which include $60,000 in cash, a BMW, and computer equipment.
September: Viodentia releases FairUse4WM tool which would remove DRM information off WMA music downloaded off Yahoo music and Napster.
October: Jesus Oquendo releases Asteroid, a SIP Denial of Service testing tool. It broke all versions of Asterisk until 1.2.13. Asteroid is also known to affect certain SIP Softphones, SIP Phones and possibly other products using the SIP protocol. It was used in Henning Schulzrinne's Columbia University seminars. See MITRE CVE-2006-5444 and CVE-2006-5445

Retrieved from "http://en.wikipedia.org../../../t/i/m/Timeline_of_hacker_history.html"