Week of December 19 – December 25
Cyber is a nascent field, but it still has a few significant anniversaries. Welcome to the first installment in “This Week in Cyber” where we look back on major events that have impacted information technology and cyber security. This is more than just an historical exercise. Looking back at historical events can help us understand where cyber has been, where it is headed, and how we should choose to make cyber-risk management decisions in the future.
December 19, 1974: Altair’s Mail-Order Microcomputer
Days before Christmas, the January 1975 edition of Popular Electronics hit newsstands. Under the headline “Breakthrough,” the cover featured the world’s first microcomputer, which could be ordered by mail and assembled using a build-it-yourself kit: the Altair 8800. The company selling the kits, Micro Instrumentation and Telemetry Systems (MITS), was a struggling calculator manufacturing business seeking to provide a more affordable alternative to computers.
The Altair’s impact was amplified by a decentralized network of hobbyist technologists who organized around its inception. Operating out of a garage in Palo Alto, the Homebrew Computer Club is the most famous example of these ad-hoc institutions. The club and its storied membership roster was depicted in the films Pirates of Silicon Valley (1999) and Jobs (2013), as well as the PBS documentary series, Triumph of the Nerds (1996). The microcomputer also led Bill Gates to launch Microsoft and develop its first product: an interpreter for the BASIC programming language that could run on the Altair 8800. Microsoft’s Altair BASIC program was particularly coveted because, once implemented, Altair users could program by typing commands directly to their machines, rather than relying on the laborious practice of using paper-tape. Although MITS failed to deliver the Altair 8800 with all its promised features, the invention is credited as the start of the PC Revolution.
December 22, 1988: SPAN’s Father Christmas Worm
A prank prompted a security overhaul after a rogue program was detected on NASA’s Space Physics Analysis Network, or SPAN. Affectionately dubbed the “Father Christmas Worm,” the program was self-replicating and spread to an estimated 6,000 unique computer nodes. For two days, the worm circulated a program titled “HI.COM” and remained dormant. On December 24th at midnight, the program generated an electronic greeting from “Father Christmas,” urging the user to “Stop computing and have a good time at home!!!!”
The SPAN Security Team recognized that the worm was all in good fun. HI.COM deleted itself after executing the mail message, so cleanup and remediation efforts required minimal effort. However, the incident prompted NASA to implement several security standards for its employees, including stronger password policies. As part of the response, the agency also created a formalized procedure for dealing with worms, viruses, and other digital threats.
December 25, 2013: Great Dogecoin Heist of 2013
Three years ago, it was not a Merry Christmas for users of the joke cryptocurrency Dogecoin. Thirteen million coins, together worth about $20,000 USD, disappeared overnight in the so-called Great Dogecoin Heist of 2013. Attackers exploited a vulnerability in the popular coin storage service called Dogewallet and, because their identities were never discovered, conspiracy theories abounded.
Although Dogecoin was created as a satiric take on the seemingly-interminable variety in cryptocurrencies, the attack had real security implications for the future of anonymous cash. The heist undermined users’ trust in the legitimacy of cryptocurrencies. In the words of one affected user: “such sad. much lost. :’(“
Cybersecurity is particularly important during the holiday season. There is always an uptick in cybersecurity incidents throughout November and December, as attackers try to cash-in on the Season of Giving. Keep these events in mind, practice cyber hygiene all year round, and avoid making our list in a few years from now.