This week CRIBB Cyber Security is 5 and to celebrate, we’re looking at the evolution of cyber security. The world as we now know it is far different to the one we experienced back in 2016. As we shall see, 5 years ago cyber-criminals were becoming more targeted and more sophisticated. That much has remained the same but the threats now are even more widespread and damaging.

The biggest security incidents of 2016

  • Late 2016 saw major DDoS attacks disrupt websites including Twitter, Netflix, PayPal, Pinterest and the PlayStation Network
  • A cyber-attack against ~40,000 Tesco bank accounts resulted in ~9,000 customers losing up to £600 in cash
  • Cyber-criminals breached the US Department of Justice and released data on 30,000 Department of Homeland Security and FBI employees
  • The ‘Peace’ cyber-criminal gang released more than half a billion passwords belonging to LinkedIn, Tumblr and Myspace users
  • Yahoo endured the biggest data breach in history at the time, with data stolen from up to 500 million customers

Read more in this article from ESET.

The biggest security incidents of 2021 (so far)

5 years on and a key trend has emerged: Whilst there are more breaches occurring, there are now fewer victims. In fact, the first half of 2021 saw just 118.6 million people impacted – down from 2.5 billion victims in 2016.

  • Hackers targeted Astoria Company and then breached databases, affecting 30 million individuals
  • 21 Million people were impacted when ParkMobile fell victim to a cyber security incident
  • A data breach at Infinity Insurance Company affected 5.72 million individuals
  • Hackers impacted the lives of 3.46 million people when they targeted Accellion
  • 20/20 Eye Care Network suffered a data breach affecting 3.25 million individuals. Data from its Amazon Web Services (AWS) environment was removed then deleted, including Social Security numbers and health insurance info

For more information, we recommend this piece from CRN.

A brief history of (cyber-)crime

  • The early 1970’s saw the creation of the first computer worm virus: Creeper
  • Creeper was then deleted by the Reaper programme
  • In 1989, the Morris Worm became the first widespread instance of a denial-of-service (DDoS) attack. Reports suggested it affected 6,000 computers, ~10% of all computers connected to the internet
  • The 1990’s then saw CERTs (Computer Emergency Response Teams) established to respond to such emergencies. Next came the large antivirus companies
  • For the next 20 years or so, these companies dominated the cyber security industry
  • From 2014 onward, cyber-criminals have become ever-more sophisticated. More cyber security strategies are now incorporating artificial intelligence, machine learning and behavioural detection

Innovation is key to combating cyber-crime but it is surprising how many organisations still do not place enough importance on IT security. Being cyber aware is imperative – remember, you are never too small to be a target!

The evolution of cyber security is a fascinating subject – at least to the experts here at CRIBB. We hope you agree and would love to hear from you in the comments section. To celebrate our 5th birthday this week, we’re offering free cyber-risk consultations. Contact us to learn more…