What's the earliest computer security incident reported in the general media? I was curious.
Now that Google's News Archives Search includes 200 years worth of publications, it's easy to search printed records without having to go to the library and sift through micro films. The archive doesn't include all media records, but I think it is a good indication of the general state of the media's coverage of computer security.
Minneapolis Programmer Milo Arthur Bennett, whose firm handled computer work for the National City Bank of Minneapolis, programmed the computer in 1966 to ignore an overdraft in his own account at the bank.This article highlighted the increasing profitability of computer crimes. It explained that a "handful of keypunch crooks have already thought of some ingenious ways to defraud the Brain, with varying results." The text also mentioned the following incident, which was motivated by the desire to use someone else's computer for monetary gain.
Palo Alto Programmer Hugh Jeffrey Ward learned, from customers of a computer firm in Oakland, code numbers that enabled him to give orders to the firm's computer. ... He told the Oakland computer to print out a program for plotting complex aerospace data in graph form. ... His company presumably planned to market the program, which was valued at $12,000 or more, to the Oakland firm's own customers. ...Five years later, in August 1977, the Time Magazine published an article that included the earliest mention of an external computer intrusions I could find:
The conviction of one man, accused of stealing confidential information from a Federal Energy Administration computer in Maryland, was possible only because the thief had dialed into a system from his office a few miles away in Virginia.Another intrusion mentioned in the article occurred at an identified company and involved brute-force password guessing. The article also mentioned the challenge of striking the right balance between security and usability:
One computer, protected by a five-digit code number, was illegally entered in minutes when the thief ordered the computer to begin trying every one of the 100,000 possible combinations. But tighter security would cost both money and time. Says Robert Courtney of I.B.M. "If you're running thousands of transactions a day, you don't want to spend ten seconds or so every time arguing with the computer about who you are."After a multi-year gap, the next computer security mention I found dates to 1981. A June 1981 article in the New York Times describes how an employee misused a computer to set up a race-track betting system:
His activities were uncovered by the school board's auditor general, who turned the case over to a specialist in computer security for the city's Department ... The arrested programmer 'was described by a New York City investigator as ''a good employee"' ... [Note: This article excerpt was indexed by Google.]Two years later, in August 1983, an external intrusion caught the public's eye in a way that it hasn't earlier. Multiple media articles described a computer security break-in to the Los Alamos National Laboratory. The intruders were youths, apparently inspired by the War Games movie. Here are a few excerpts from the articles that discussed this incident:
The apparent electronic penetration of an unclassified computer in a nuclear weapons laboratory by a group of young people was not a threat to national security, telecommunication experts said today. But they said the incident illustrated the extraordinary difficulty of guaranteeing the security of any information ...This incident was a big deal because it demonstrated the importance of computer security to the general public. The sentiment is expressed by an August 1983 article in the New York Times:
Corporate executives and telecommunications experts said yesterday that the recent breach of computer security at the Los Alamos National Laboratory in New Mexico had renewed fears about entrusting proprietary information to data networks that are easily accessible by telephone. ...Such factors highlighted the need for commercial computer security products. About a month after the Los Alamos incident, a September 1983 article in the Miami Herald described Datacryptor, which sounds like the first commercial VPN product I came across:
Racal-Milgo, a Miami computer company, thinks its $2,000 black box may be just the answer for businesses worried about computer crime. The Datacryptor, as the device is known, is an electronic scrambler that turns sensitive computer talk into undecipherable gibberish. But even the Datacryptor isn't immune to computer crime.A New York Times article, published the same month, noted that "the market for computer security software is booming," according to the article excerpt indexed by Google.
Another article, dated to October 1983 and published by the New York Times, introduced the readers to the role of a computer security specialist. The article was titled "New Breed of Workers: Computer Watchdogs" and contained the following description:
Processing manager for a major corporation suddenly notices unusual levels of activity on his company's computer. He investigates, and discovers that the system has been tampered with over telephone lines. Corporate panic follows as company officials try to determine what was disclosed, what was damaged and how vulnerable their ...If you're wondering when the first identity theft-related breach caught the media's eye, look no further than June 1984. A security breach at credit-reporting agency led to the disclosure of a password used to protect credit reports. Here are a few excerpts from the articles that described the incident:
A password that could permit access to the credit histories of 90 million people was stolen and posted on an electronic bulletin board, TRW Information Systems said yesterday. ...
The subsequent years lead to a surge in computer use, the emergence of the Internet, and the shaping of the computer security landscape as we know it today.
Sep 10th 2006
1 decade ago