Community Industry Milestones
Many chronologies can be found about cyber insecurity: first virus, first ransomware etc. We as a company are committed to being optimistic about cyber security and so we have started to capture the progress that cyber security as an industry has made throughout its short history. We started work on this in 2018, with an earlier version, and a bit more about the ethos underpinning it, in this blog post.
Please contact us if you have relevant ideas on what to place on this timeline.
The UK NCSC is opened
Her Majesty The Queen officially opens the National Cyber Security Centre which aims to make the UK the safest place in the world to be online.
The Internet Atlas is published (but… Flash…)
An online visual representation of the physical location of key parts of Internet is launched. Showing the physical location of the infrastructure helps the general public become more aware of the fragility.
Google using attacker heuristics to identify account hijacking
Google introduce multiple security features to Gmail. Looking at how attackers will move through an account and capturing those heuristics to alert faster on account compromise.
Google Prompt launched
Google Prompt gives users a convenient form of 2Factor Authentication by allowing them to approve or reject sign-in request by simply pressing 'Yes' or 'No' on a mobile device.
No More Ransom initiative
A website set up by law enforcement and IT companies to help people recover files after a ransomware attack and also to educate users in order to prevent attacks in the first place.
Google introduced 2FA on Gmail
Google start using 2 factor authentication, greatly reducing the risk of account takeover.
Google authenticator app released
With smartphones being widely available by this time Google's Authenticator app was a great way to get a OTP without using sms.
Yubico releases the first YubiKey enabling hardware 2 factor authentication.
The FFIEC advises banks to use 2FA
Federal Financial Institutions Examination Council (FFIEC) call for banks to incorporate new, secondary secure-ID technology by the end of 2006.
Introduction of smartphones.
The explosion in the number of smartphone ownership made it much easier for people to use 2 Factor Authentication.
Microsoft develop PPTP, creating more secure connections between computers and the internet.
A support engineer at Netscape coined the phrase 'Bug Bounty'. The scope of the bounty was the then new Netscape Navigator 2.0 browser.
SSH, designed to replace Telnet, is a network protocol that gave an encrypted channel over unsecured networks.
Created by Netscape Communications in 1994, HTTPS is a method of secure communication over a network that uses TLS (or previously SSL). HTTPS allows for a private, encrypted session, greatly reducing the risk of man-in-the-middle attacks.
Developed by Phil Zimmermann in 1991, Pretty Good Privacy is an encryption program. It is used to secure data and communications, such as emails, files, partitions etc.
The First firewalls
Used as a barrier between internal networks and external networks. In 1988 engineers from the Digital Equipment Corporation developed the first generation of firewalls called a Packet Filter.
The first anti virus product is released
A program for the Atari ST platform written by Andreas Luning and Kai Figge becomes the first anti virus program to be released.
Use of hardware tokens for one time password
Matching a hardware device containing a clock with a users account created a second factor of authentication, greatly increasing security.
Public key encryption
Public key cryptography was invented in 1976 by Whitfield Diffie and Martin Hellman. For this reason, it is sometime called Diffie-Hellman encryption. It is also called asymmetric encryption because it uses two keys instead of one key (symmetric encryption). The problem wasn't solved until 1977 by Rivest, Shamir and Adleman (RSA Encryption).
MIT’s CTSS system required users to log in with a password
With multiple users using the same system but needing privacy for their files, a password system seemed the best way to go. Now each user could log off from the system knowing that the net user couldn't access their files without the password.