The History of Hacking & Cybersecurity: Full Timeline

Tyler Cross
Updated on: December 20, 2024 Senior Writer

Cybersecurity and hacking have a rich and fascinating history. However, huge technological changes and evolving terminology can make it hard to understand the details and significance of events from the early history of cybersecurity.

I compiled this guide to give you a brief overview of cybersecurity and hacking history. Learn about the first hackers, the origins of malware, and more. Though I’ll mostly focus on the early years, I’ll provide a timeline of events right up to 2024.

Basically, viruses began as pranks and antivirus programs were made to clean up the mess. Over time, hacks became increasingly more threatening, which required companies like Norton to release capable antiviruses. Since then, security experts and malicious hackers have been engaged in a constant battle to outdo each other.

LEARN MORE ABOUT NORTON

The Early Years of Cybersecurity

The origins of cybersecurity trace back to the 1960s. At that point, interconnected computing systems created the need for user access controls. Because these networks had lots of users, many recognized that rogue users could cause disruptions if they had unrestricted access to key bits of code. With the emergence of ARPANET (a predecessor of the internet), researchers began noticing vulnerabilities that could be exploited.

As networks expanded, so did the awareness of potential threats. By the 1980s, as personal computers became mainstream, malicious actors started creating software to exploit these systems, prompting the development of defensive tools. This era laid the groundwork for modern cybersecurity.

What Is the First Known Malware Strain?

The first malware strain wasn’t a sophisticated computer killer, a ransomware strain, or some nasty tool designed to steal personal information; it was a simple prank. The Creeper worm was created in 1971 by Bob Thomas after ARPANET started gaining popularity as a shared computing system. All it did was display a simple line of text on infected devices that read “I’m the creeper, catch me if you can!”

Who Was the First Hacker?

This is more difficult to answer as it depends on your definition of a hacker. On top of that, because many hackers work in the shadows, lots of activity likely remains undocumented. The term “hacker” first appeared in the 1950s, but at this point, “hacker” referred to someone adept at modifying computer systems and hardware. The earliest hackers were members of the MIT Model Railroad Club. While they began with model railroads, the club quickly turned towards computer science and early modifications to software.

The first people we might recognize as hackers actually worked with telephone systems rather than computers. So-called phone phreakers emerged in the US in the 1960s and used their technical skills to make free phone calls and cause all sorts of mischief. John Draper (alias Captain Crunch) is probably the best-known phone phreaker. While many phreakers were generally harmless, others engaged in harassment and fraud.

But if we restrict our definition to computer hackers, Allan L. Scherr is a good candidate. He hacked into an IBM 7094 mainframe to bypass the limitations on his computer access at school, which may make him the earliest hacker. But not everyone will count such rudimentary activity as a bonafide hack. Many other students with access to computers probably accomplished similar things around the same time.

Who Made the First Antivirus?

The first antivirus program, Reaper, was developed by Ray Tomlinson in the early 1970s. It was created to combat Creeper, the worm we discussed earlier. Reaper was much more simplistic than any modern antivirus, but it was able to accomplish its singular job: removing Creeper from infected devices. As more malware strains emerged (most far more destructive than the humble Creeper), antiviruses had to evolve to offer broader protection.

Commercial antivirus solutions emerged in the 1980s, with companies like McAfee and Symantec paving the way for the industry. As time went on, other companies like Norton and Bitdefender threw their hats in the ring. A mainstream market of various antivirus solutions emerged, each with its own selling points.

There are several great antiviruses out there nowadays (and many more that aren’t worth your time). My personal favorite, Norton, has the honor of being one of the oldest antiviruses of all time.

Read Review

Save 58% on Norton 360 Deluxe!

Get Norton 360 Deluxe for only $49.99*!

Get Deal

A Cybersecurity Timeline: Biggest Hacks & Most Important Moments

1960s

• 1967: The concept of computer security emerged as IBM developed the Compatible Time-Sharing System (CTSS), an early example of a multi-user operating system. This highlighted the need for access controls.

1970s

• 1971: The first virus, dubbed the Creeper Virus, is created as an experiment on ARPANET. It displays a harmless message on thousands of infected devices.
• 1972: The first antivirus program, Reaper, is created to destroy the Creeper virus.
• 1973: Robert Metcalfe identifies ARPANET vulnerabilities. This marks one of the first times cybersecurity issues were brought to light.
• 1975: Bill Gates and Paul Allen found Microsoft.
• 1976: Apple Computer Inc. is created.

1980s

• 1983: The movie WarGames popularizes the concept of hacking, bringing cybersecurity to public attention.
• 1986: The Computer Fraud and Abuse Act (CFAA) is passed in the U.S., criminalizing unauthorized access to computer systems.
• 1988: The Morris Worm, one of the first major network-disrupting worms, infects ARPANET, affecting approximately 10% of connected systems. The creator is later the first person convicted for hacking under the CFAA.
• 1989: Joseph Popps uses floppy discs to deliver the world’s first ransomware attack.

1990s

• 1991: The Michelangelo virus is discovered. With the potential to spread undetected and brick affected devices, Michelangelo garners widespread attention in the media. Months later, Norton updates its antivirus so that it can detect and remove Michelangelo.
• 1994: The first mass phishing attack targets AOL users. Thousands of users have their passwords stolen.
• 1995: The Java programming language introduces sandboxing as a way to contain potentially malicious code.
• 1999: The Melissa Virus spreads widely thanks to its ability to hijack victims’ email. The FBI estimates that Melissa caused $80 million in damages.

2000s & Beyond

• 2000: The ILOVEYOU Worm infects millions of computers, causing billions of dollars in damages.
• 2001: Exploiting a vulnerability in Microsoft IIS servers, the Code Red worm infects 359,000 systems in less than 14 hours.
• 2003: The infamous hacking group Anonymous first appears.
• 2004: The abundance of spyware and adware prompts the development of anti-spyware tools.
• 2007: Estonia suffers the first large-scale cyberattack directed at a specific country. Government bodies, media organizations, and banking systems are all targeted. These events serve as a wake-up call, with many countries devoting resources to cyberwarfare.
• 2010: The Stuxnet worm targets Iran’s nuclear program — this is the first known use of a cyberweapon to cause physical damage.
• 2013: A data breach at Yahoo compromises 3 billion accounts, one of the largest breaches in history. The company does not acknowledge the attack, leading to extensive criticism when it came to light years later.
• 2014: Sony Pictures is hacked, exposing internal emails and sensitive data. North Korean state-sponsored hackers are blamed for the attack.
• 2017: The WannaCry ransomware attack exploits vulnerabilities in Windows systems, causing global internet disruptions.
• 2020: The SolarWinds Hack, a sophisticated supply chain attack, compromises numerous U.S. government agencies and companies.
• 2021: A ransomware attack on the Colonial Pipeline disrupts fuel supplies in the eastern United States. The pipeline is essentially shut down for days, demonstrating the need to improve the cybersecurity of vital infrastructure.
• 2023: The file transfer software Moveit is attacked using a SQL injection. As a result, over a thousand companies have their data stolen and the global supply chain is affected.
• 2024: Ransomware attacks have grown in frequency around the world. Attacks on sensitive infrastructure occurring daily in places like the UK underline the continued need for capable antivirus software. State-sponsored hacking groups are on the rise and launching aggressive attacks on enemy states.

Frequently Asked Questions