This is a timeline of hacker history. Hacking and cracking appeared with the first electronic computers. Below are some important events in the history of hacking and cracking.
1971 a Vietnam War veteran named John Draper discovers that the give-away whistle in Cap'n Crunch cereal boxes perfectly reproduces a 2600 hertz tone. Draper builds a "blue box" that, when used with the whistle and sounded into a phone receiver, allows phreaks to make free calls. Shortly afterwards, Esquire magazine publishes "Secrets of the Little Blue Box " with instructions for making a blue box, and wire fraud in the United States escalates.
1972 Abbie Hoffman helps found The Youth International Party Line newsletter. Hoffman's publishing partner, Al Bell , changed the YIPL newsletter's name to TAP, for Technical Assistance Program .
1972 The InterNetworking Working Group is founded to govern the standards of the developing network. Vinton Cerf is the chairman and is known as a "Father of the Internet "
1973 college kids Steve Wozniak and Steve Jobs, future founders of Apple Computer, launch a home industry Homebrew Computer Club making and selling blue boxes.
1970s Susan Thunder is one of the early “phone phreakers,” part of Kevin Mitnick’s crew who break into phone lines.
1978 First report of teen-age boys being kicked off the telephone system for pranks.
Bulletin boards - with names such as Sherwood Forest and Catch-22 - become the venue of choice for phreaks and hackers to gossip, trade tips, and share secret phone numbers computer passwords and even credit card numbers.
1982 In Milwaukee a group of six teenagers hackers calling themselves the 414's (their area code) break into some 60 computer systems at institutions ranging from the Los Alamos Laboratories to Manhattan's Memorial Sloan-Kettering Cancer Center before being arrested.
1983 Movie WarGames introduces the wider public to the phenomenon of hacking.
1983 Secret Service gets jurisdiction over credit card and computer fraud.
1984 Someone calling himself Lex Luthor founds the Legion of Doom. Named after a Saturday morning cartoon, the LOD had the reputation of attracting "the best of the best" — until one of the gang's brightest young acolytes, a kid named Phiber Optik, feuded with Legion of Doomer Erik Bloodaxe and got tossed out of the clubhouse. Phiber's friends formed a rival group, the Masters of Deception.
1984 Chaos Computer Club forms in Germany.
1984 The Comprehensive Crime Control Act gives the Secret Service jurisdiction over computer fraud .
1984 CULT OF THE DEAD COW forms in Lubbock, Texas and begins publishing its ezine.
1984 The hacker magazine 2600 begins regular publication, right when TAP was putting out its final issue. The editor of 2600, "Emmanuel Goldstein" (whose real name is Eric Corley), takes his handle from the leader of the resistance in George Orwell's 1984. The publication provide tips for would-be hackers and phone phreaks, as well as commentary on the hacker issues of the day. Today, copies of 2600 are sold at most large retail bookstores.
1985 The online 'zine Phrack is established.
1986 After more and more break-ins to government and corporate computers, Congress passes the Computer Fraud and Abuse Act, which makes it a crime to break into computer systems. The law, however, does not cover juveniles.
1987 Decoder magazine begins in Italy.
1987 The Computer Emergency Response Team (CERT) is created to address network security.
1988 The Morris Worm: Robert T. Morris, Jr. (RTM), a graduate student at Cornell University and son of a chief scientist at a division of the National Security Agency, launches a self-replicating worm on the government's ARPAnet (precursor to the Internet) to test its effect on UNIX systems. The worm gets out of hand and spreads to some 6000 networked computers, clogging government and university systems. Morris is dismissed from Cornell, sentenced to three years' probation, and fined $10,000.
1988 Kevin Mitnick secretly monitors the e-mail of MCI Communications and Digital Equipment Corporation security officials. Kevin Mitnick is convicted of violating computer network of Digital Equipment Corporation and sentenced to a year in jail.
Kevin Poulsen — was indicted on phone-tampering charges. Kevin went on the run and avoided capture for 17 months.
1988 First National Bank of Chicago is the victim of $70-million computer theft.
1989 The Germans and the KGB: In the first cyberespionage case to make international headlines, hackers in West Germany (loosely affiliated with the Chaos Computer Club) are arrested for breaking into U.S. government and corporate computers and selling operating-system source code to the Soviet KGB. Three of them are turned in by two fellow hacker spies, and a fourth suspected hacker commits suicide when his possible role in the plan is publicized. Because the information stolen is not classified, the hackers are fined and sentenced to probation. In a separate incident,
1989 Arrest of a hacker who calls himself The Mentor. He publishes a now-famous treatise that comes to be known as the Hacker's Manifesto.
1989 Fry Guy is raided by law enforcement; police hunt for Legion of Doom hackers.
1989 Jude Milhon (aka St Jude) and R. U. Sirius launch Mondo 2000, a major '90s tech-lifestyle magazine, in Berkeley, California.
1990 Operation Sundevil introduced. After a prolonged sting investigation, Secret Service agents swoop down on organizers and prominent members of BBSs in 14 U.S. cities including the Legion of Doom, conducting early-morning raids and arrests. The arrests involve and are aimed at cracking down on credit-card theft and telephone and wire fraud. The result is a breakdown in the hacking community, with members informing on each other in exchange for immunity. The offices of Steve Jackson Games are also raided, and the role-playing sourcebook GURPS Cyberpunk is confiscated, possibly because the government fears it is a "handbook for computer crime". Legal battles arise that prompt the formation of the Electronic Frontier Foundation.
1990, LOD and MOD engaged in almost two years of online warfare — jamming phone lines, monitoring calls, trespassing in each other's private computers. Then the Feds cracked down. For Phiber and friends, that meant jail.
A woman who goes by the handle Natasha Grigori (Bullwinkle’s nemesis in the classic cartoon) started out in the early starts running a bulletin-board system for software pirates. Now, at age “40-plus,” she’s the founder of antichildporn.org , a group of hackers who use their skills to track kiddie-porn distributors and pass the information on to law enforcement.
1991 Rumors circulate about the "Michelangelo" virus, expected to crash computers on March 6, 1992, the artist's 517th birthday. Doomsday passes without incident.
1991 Kevin Lee Pousen is captured and indicted for stealing military documents.
1991 resulted in jail sentences for four members of the Masters of Deception. Phiber Optik spent a year in federal prison.
1992 Release of the movie Sneakers, in which security experts are blackmailed into stealing a universal decoder for encryption systems.
1992 Hackers break into GAFB , NASA and KARI
1993 During radio station call-in contests, hacker-fugitive Kevin Poulsen and two friends rig the stations' phone systems to let only their calls through, and "win" two Porsches, vacation trips, and $20,000. Poulsen, already wanted for breaking into phone-company systems, serves five years in prison for computer and wire fraud .
1993 Texas A&M University professor receives death threats because a hacker used his computer to send 20,000 racist e-mails.
1993 The first DEF CON hacking conference takes place in Las Vegas. The conference is meant to be a one-time party to say good-bye to BBSs (now replaced by the Web), but the gathering is so popular it becomes an annual event.
1994, summer. Russian crackers siphon $10 million from Citibank and transfer the money to bank accounts around the world. Vladimir Levin, the 30-year-old ringleader , uses his work laptop after hours to transfer the funds to accounts in Finland and Israel. Levin stands trial in the United States and is sentenced to three years in prison. Authorities recover all but $400,000 of the stolen money.
1994 Hackers adapt to emergence of the World Wide Web quickly, moving all their how-to information and hacking programs from the old BBSs to new hacker Web sites.
1995, February. Kevin Mitnick was arrested again. This time the FBI accused him of stealing 20,000 credit card numbers. Kevin Mitnick is incarcerated on charges of "wire fraud and illegal possession of computer files stolen from such companies as Motorola and Sun Microsystems" He is held in prison for four years without a trial
1995 The movies The Net and Hackers are released.
1995 United States Department of Defense computers sustained 250,000 attacks by hackers
1995 Hackers deface federal web sites.
1995 AOL gives its users access to USENET, precipitating Eternal September.
1996 Kevin Poulsen is cleared of the military hacking charges and released. He starts a career as a freelance journalist.
1996 Hackers alter Web sites of the United States Department of Justice (August), the CIA (October), and the U.S. Air Force (December).
1996 Canadian hacker group, Brotherhood, breaks into the Canadian Broadcasting Corporation.
1996 The U.S. General Accounting Office reports that hackers attempted to break into Defense Department computer files some 250,000 times in 1995 alone. About 65 percent of the attempts were successful, according to the report.
1997 AOHell is released, a freeware application that allows a burgeoning community of unskilled script kiddies to wreak havoc on America Online. For days, hundreds of thousands of AOL users find their mailboxes flooded with multi-megabyte mail bombs and their chat rooms disrupted with spam messages.
1997 A 15-year-old Croatian youth penetrates computers at a U.S. Air Force base in Guam.
December 1997 Information Security publishes first issue.
1997 Hackers get into Microsoft's Windows NT operating system.
January 1998 Yahoo! notifies Internet users that anyone visiting its site in recent weeks might have downloaded a logic bomb and worm planted by hackers claiming a "logic bomb" will go off if Mitnick is not released from prison.
January, 1998 Anti-hacker runs during Super Bowl XXXII
1998 The hacking group CULT OF THE DEAD COW releases its Trojan horse program, Back Orifice at DEF CON. Once a user installs the Trojan horse on a machine running Windows 95 or Windows 98, the program allows unauthorized remote access of the machine.
February 1998 The Internet Software Consortium proposes the use of DNSSEC--domain-name system security extensions --to secure DNS servers.
1998 During heightened tensions in the Persian Gulf, hackers touch off a string of break-ins Solar Sunrise , a series of attacks targeting unclassified Pentagon computers and steal software programs, leads to the establishment of round-the-clock, online guard duty at major military computer sites. Then-U.S. Deputy Defense Secretary John Hamre calls it "the most organized and systematic attack" on U.S. military systems to date. An investigation points to two American teens. A 19-year-old Israeli hacker who calls himself The Analyzer (aka Ehud Tenebaum) is eventually identified as their ringleader and arrested. Tenebaum is later made chief technology officer of a computer consulting firm.
March 1998 Timothy Lloyd is indicted for planting a logic bomb on the network of Omega Engineering . The logic bomb causes millions in damage.
1998 Hackers alter The New York Times Web site, renaming it HFG (Hacking for Girlies ). The hackers express anger at the arrest and imprisonment of Kevin Mitnick, the subject of the book "Takedown" co-authored by Times reporter John Markoff.
1998 Two hackers are sentenced to death by a court in China for breaking into a bank computer network and stealing 260,000 yuan ($31,400).
June 1998 Information Security publishes its first annual Industry Survey , finding that nearly three-quarters of organizations suffered a security incident in the previous year.
July, 1998 Hackers break into United Nations Children Fund Web site threathening "holocaust"
October, 1998 "U.S. Attorney General Janet Reno announces National Infrastructure Protection Center "
December, 1998 LØpht testifies to the senate that it could shut down nationwide access to the Internet in less than 30 minutes.
1999 Software Security Goes Mainstream In the wake of Microsoft's Windows 98 release, 1999 becomes a banner year for security (and hacking). Hundreds of advisories and patches are released in response to newfound (and widely publicized) bugs in Windows and other commercial software products. A host of security software vendors release anti-hacking products for use on home computers.
1999 The Electronic Civil Disobedience project , an online political performance -art group, attacks the Pentagon calling it conceptual art. It said it was protesting U.S. support of the Mexican suppression of rebels in southern Mexico. Carmin Karasic , helped write FloodNet , the tool used by ECD to bombard its opponents with access requests in a symbolic, harmless version of the denial-of-service attacks that took down CNN and Yahoo.
1999 Classified computer systems at Kelly Air Force Base in San Antonio, Texas, come under attack from a number of locations around the world, but the attacks were detected and stopped by newly developed Defense Department systems.
1999 U.S. Information Agency Web site is hacked for the second time in six months. The hacker circumvented the agency's Internet security and damaged the hard drive, leaving behind the message "Crystal, I love you" and the signature "Zyklon."
1999 Rep. Curt Weldon, R-Pennsylvania, says Defense Department computers are under a "coordinated, organized" attack from hackers. "You can basically say we are at war," he said.
1999 U.S. President Bill Clinton announces a $1.46 billion initiative to improve government computer security. The plan would establish a network of intrusion detection monitors for certain federal agencies and encourage the private sector to do the same.
1999 Kevin Mitnick, detained since 1995 on charges of computer fraud , signs plea agreement.
March 1999 The Melissa worm is released and quickly becomes the most costly malware outbreak to date.
April 1999 The U.S. Justice Department declines to prosecute former CIA Director John Deutch for keeping 31 secret files on his home computer after he left office in 1996.
October 1999 American Express introduces the "Blue" smart card, the industry's first chip-based credit card in the US.
1999 "Unidentified hackers seized control of a British military communication satellite and demanded money in return for control of the satellite
December 1999 David L. Smith pleads guilty to creating and releasing the Melissa virus. It's one of the first times a person is prosecuted for writing a virus.
January 2000 A Russian cracker attempts to extort $100,000 from online music retailer CD Universe , threatening to expose thousands of customers' credit card numbers. Posting them on a website after the attempt to extort money from the company failed. Barry Schlossberg (AKA Lou Cipher) is successful at extoring 1.4M from CD Universe for "services rendered", in an attempt to "catch the russian hacker".
second week of February 2000 Canadian hacker MafiaBoy In the first and one of the biggest denial-of-service attacks to date, launches successful distributed denial-of-service (DDoS) attack taking down several high-profile Web sites, including Amazon, CNN and Yahoo!.
2000 Activists in Pakistan and the Middle East deface Web sites belonging to the Indian and Israeli governments to protest oppression in Kashmir and Palestine.
2000 Hackers break into Microsoft's corporate network and access source code for the latest versions of Microsoft Windows and Microsoft Office software. It is later released to several filesharing networks. The Register splashes with the immortal (and suppositional) headline: 'M$ hacked! Russian Mafia swipes WinME source'.
2000 The following sites were attacked by hackers using distributed denial of service Yahoo, eBay, CNN.com, Amazon.com, Buy.com , ZDNet, E*Trade, and Datek
March 2000 President Clinton says he doesn't use e-mail to communicate with his daughter, Chelsea Clinton, at college because he doesn't think the medium is secure.
April 2000 The U.S. Department of Justice unveils a portal that notes the government's position on Internet security and privacy issues, tracks prosecution of cybercriminals and provides guidelines for cybercrime investigations.
May 2000, a new virus appeared that spread rapidly around the globe. The "I Love You" virus infected image and sound files and spread quickly by causing copies of itself to be sent to all individuals in an address book.
May 2000 The LoveLetter virus sweeps across the globe in hours, wreaking havoc on networks and causing millions in damage and lost productivity.
June 2000 President Clinton signs the "Electronic Signatures in Global and National Commerce " (E-Sign ) into law, making digital signatures legally binding.
June 2000 The Honeynet Project , led by Lance Spitzner , launches, collecting hacking intelligence through a network of decoy servers.
July 2000 The SANS Institute releases its first "Top 10 Vulnerabilities " list, denoting the most prevalent problems exploited by hackers. Jennifer Grannick is an in-demand lawyer who explains hackers’ rights to them at conventions.
A 19-year-old Midwestern law student who calls herself ViXen900 is a member of the HNC hackers ’ group and advises them on legal issues.
2000 Kevin Mitnick is released from prison
2001
2001 Microsoft becomes the prominent victim of a new type of crack that attacks the domain name server. In these denial-of-service attacks, the DNS paths that take users to Microsoft's Web sites are corrupted. The hack is detected within a few hours, but prevents millions of users from reaching Microsoft Web pages for two days.
February 2001 A Dutch cracker releases the Anna Kournikova virus , initiating a wave of viruses that tempts users to open the infected attachment by promising a sexy picture of the Russian tennis star.
March 2001 FBI agent Robert P. Hanssen is charged with using his computer skills and FBI access to spy for the Russians.
March 2001 The L10n worm is discovered in the wild attacking older versions of BIND DNS .
April 2001 FBI agents trick two Russian crackers into coming to the U.S. and revealing how they were cracking U.S. banks.
May 2001 Spurred by elevated tensions in Sino-American diplomatic relations , U.S. and Chinese hackers engage in skirmishes of Web defacements that many dub "The Sixth Cyberwar ".
May 2001 Crackers begin using "pulsing" zombies, a new DDoS method that has zombie machines send random pings to targets rather than flooding them, making it hard to stop attacks.
May 2001 AV experts identify Sadmind, a new cross-platform worm that uses compromised Sun Solaris boxes to attack Windows NT servers.
July 2001 Russian programmer Dmitry Sklyarov is arrested at the annual Def Con hacker convention. He is the first person criminally charged with violating the Digital Millennium Copyright Act (DMCA).
August 2001 Code Red, the first polymorphic worm, infects tens of thousands of machines.
September 2001 The World Trade Center and Pentagon terrorist attacks spark lawmakers to pass a barrage of anti terrorism laws many of which group Hackers as terrorists. and remove many long standing personal freedoms in the name of safety.
September 2001 Nimda, a new memory-only worm, wreaks havoc on the Internet, quickly eclipsing Code Red's infection rate and recovery cost.
November 2001 Microsoft and its allies vow to end "full disclosure" of security vulnerabilities by replacing it with "responsible" disclosure guidelines.
November 2001 The European Union adopts the controversial cybercrime treaty, which makes the possession and use of hacking tools illegal. l/skl
2002
January 2002 Bill Gates decrees that Microsoft will secure its products and services, and kicks off a massive internal training and quality control campaign.
February 2002 As part of its Trustworthy Computing initiative , Microsoft shuts down all Windows development, sending more than 8,000 programmers to security training .
April 2002 The U.S. Army initiates the "Mannheim Project ," an effort to better consolidate and secure the military's IT assets from cyberwarfare .
May 2002 Klez.H , a variant of the worm discovered in November 2001, becomes the biggest malware outbreak in terms of machines infected, but causes little monetary damage .
June 2002 The Bush administration files a bill to create the Department of Homeland Security, which, among other things, will be responsible for protecting the nation's critical IT infrastructure.
July 2002 An Information Security survey finds that most security practitioners favor full disclosure because it helps them defend against hacker exploits and puts pressure of software vendors to improve their products.
August 2002 Researcher Chris Paget publishes "shatter attacks ," detailing how Windows' unauthenticated messaging system can be used to take over a machine. The paper raises questions about how securable Windows could ever be.
September 2002 The White House's Office of Homeland Security releases a draft of the "National Strategy to Secure Cyberspace," which many criticize as being too weak.
October 2002 The International Information Systems Security Certification Consortium --(ISC)2--confers its 10,000th CISSP certification.
2003
January 23, 2003 Pittsburgh, Pennsylvania Man Convicted of Hacking a Judge's Personal E-Mail Account
Februay 6, 2003 Former Employee of Viewsonic Arrested on Charges of Hacking into Company's Computer, Destroying Data
February 13, 2003 Ohio Man Attacked NASA Computer System Shutting Down Email Server
February 20, 2003 Ex-employee of Airport Transportation Company Arrested for Allegedly Hacking Into Computer, Destroying Data
February 26, 2003 U.S. Convicts Kazakhstan Cracker of Breaking into Bloomberg L.P.'s Computers and Attempting Extortion
February 26, 2003 Former Employee of American Eagle Outfitters Indicted on Charges of Password Trafficking and Computer Damage
February 28, 2003 Los Angeles, California Man Sentenced to Prison for Role in International Computer Hacking and Internet Fraud Scheme
March 10, 2003 California Woman Convicted for Unauthorized Computer Access to Customer Account Information in Credit Union Fraud Prosecution
March 13, 2003 Computer Cracker Ples Guilty to Computer Intrusion and Credit Card Fraud
March 13, 2003 St. Joseph, Missouri Man Pleas Guilty in District's First Computer Cracking Conviction
March 14, 2003 Student Charged with Unauthorized Access to University of Texas Computer System
April 2, 2003 San Jose, California Man Indicted for Theft of Trade Secrets and Computer Fraud
April 18, 2003 Ex-employee of Airport Transportation Company Guilty of Hacking into Company's Computer
May 12, 2003 Three Californians Indicted in Conspiracy to Commit Bank fraud and Identity Theft
June 12, 2003 Computer Hacker Sentenced to One Year and One Day And Ordered to Pay More than $88,000 Restitution For Series of Computer Intrusions and Credit Card Fraud
June 12, 2003 Southern California Man Who Hijacked Al Jazeera Website Agrees to Plead Guilty to Federal Charges
July 1, 2003 Kazakhstan Hacker Sentenced to Four Years Prison for Breaking into Bloomberg Systems and Attempting Extortion
July 11, 2003 Queens, New York Man Pleads to Federal Charges of Computer Damage , Access Device Fraud and Software Piracy
July 17, 2003 FBI Employee Arrested and Charged in Three Federal indictments
July 25, 2003 Russian Man Sentenced for Cracking into Computers in the United States
August 23, 2003 Jesus Oquendo "sil" of AntiOffline releases "BRAT" Border Router Attack Tool as part of "Theories in Denials of Service in an effort to make administrators aware of the possibility of a worm attack tool capable of breaking backbone routes on the Internet
August 25, 2003 Former Computer Technician in Douglasville, Georgia Arrested for Hacking into Government Computer Systems in Southern California
August 29, 2003 Minneapolis, Minnesota 18 year old Arrested for Developing and Releasing B Variant of Blaster Computer Worm
September 9, 2003 U.S. Charges Cracker with Illegally Accessing New York Times Computer Network
September 10, 2003 Deputy Assistant Attorney General John G. Malcolm 's Testimony before the United States House of Representatives Committee on Government Reform, Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census
September 26, 2003 Juvenile Arrested for Releasing Variant of Blaster Computer Worm That Attacked Microsoft
September 29, 2003 President of San Diego Computer Security Company Indicted in Conspiracy to Gain Unauthorized Access into Government Computers
October 6, 2003 Former Employee of Viewsonic Pleas Guilty to Hacking into Company's Computer, Destroying Data
October 7, 2003 Disgruntled Philadelphia Phillies Fan Charged with Hacking into Computers Triggering spam E-mail Attacks
November 5, 2003 Dallas, Texas FBI Employee Indicted for Public corruption
November 20, 2003 Three Men Indicted for Hacking into Lowe's Companies' Computers with Intent to Steal Credit Card Information
November 20, 2003 Two Alleged Computer Hackers Charged in Los Angeles as Part of Nationwide 'Operation Cyber Sweep '
December 5, 2003 Former Hellmann Logistics Computer Programmer Sentenced for Unauthorized Computer Intrusion
December 18, 2003 Milford Man pleas guilty to hacking
2004
December 2004 Brian Salcedo sentenced to 9 years in prison for his involvement in hacking into the corporate systems of "Lowe's Home Improvement" and attempting to steal customer credit card information. The sentence far exceeds the 5 1/2 years that hacker Kevin Mitnick spent behind bars. Prosecutors said the three men tapped into the wireless network of a Lowe's store in Southfield, Mich., used that connection to enter the chain's central computer system in North Wilkesboro, N.C., and installed a program to capture credit card information. No data was actually collected however.
Last updated: 05-13-2005 07:56:04
