When did hacking begin? Could you describe early cryptographers as hackers, breaking codes through analysis or mechanical systems? How about the cryptologists at Bletchley Park in the forties, who broke the systems used by the German Navy's Enigma machine? It's much, much easier to nail down when the use of hackers' and hacking' first came into common parlance. It first appeared, in this sense, at MIT in the mid-1950s, in minutes from a meeting of the Institute's Tech Model Railroad Club. Within a few years, the student newspaper was reporting on telephone hackers'; enthusiasts who used electronic tone generators and other colour-coded boxes to manipulate the analogue phone systems used by AT&T and other telecoms providers in the United States. With time, the word hackers' was also used when talking about the computer enthusiasts who were configuring MIT's PDP-1 computer to program music and make free phone calls.
From MIT, the term spread out into the general computing lexicon. The Jargon File, a glossary for computer enthusiasts published in 1975, lists eight different definitions for hacker, ranging from "a person who enjoys exploring the details of programmable systems and how to stretch their capabilities" to "a malicious meddler who tries to discover sensitive information by poking around". Like most contemporary sources, The Jargon File considered the latter group to be crackers' as opposed to hackers', but in a way the last forty years have seen the meaning drift from the first definition to the second.
Early hacker culture was inspired by the phone phreaks, with hackers working alone or in loose groups, often on the edges of the law though not usually for criminal purposes or financial gain. In 1980, the New York Times described hackers as "technical experts; skilled, often young, computer programmers, who almost whimsically probe the defences of a computer system, searching out the limits and possibilities of the machine". You can see this in the exploits of early groups like the 414s, six Milwaukee teenagers who, between 1982 and 1983, used cheap PCs, analogue modems and simple password-hacking techniques to break into 60 computers at US institutions ranging from the Los Alomos National Library to the Security Pacific Bank. It's there in Germany's Chaos Computer Club, who transferred over 130,000 Deutsche Marks to a Hamburg Bank account from the German financial computer network, then returned the money the next day in front of the press.
At this point the authorities began to take an interest. Alerted by systems administrators, the FBI placed wiretaps, trapped the 414s and traced their modem calls back to Milwaukee. Founding member Neal Patrick ended up testifying before the US House of Representatives. Soon after, six bills focused on new computer crimes were introduced.
In 1983-84, hacking hit the mainstream. Groups like the Legion of Doom, Masters of Deception and Cult of the Dead Cow reflected the growth of hacking as a bona-fide subculture, with its own magazines, like Eric Corley's Hacker bible, 2600. Meanwhile, John Badham's 1983 science-fiction movie, WarGames, solidified the image of the hacker as a young, highly intelligent rebel in opposition to and under threat from corrupt corporations and authoritarian government forces. The more the hacker groups hit government and corporate computers, the more government began to hit back. In 1986 the US Congress passed the Computer Fraud and Abuse Act, while the same year saw the first UK conviction for illegal access to a computer system the Duke of Edinburgh's BT Gold account though this conviction was later overturned.
Perhaps the authorities had reason to be worried. In 1987 a group of German hackers, loosely affiliated with the Chaos Computer Club, was arrested for breaking into US government computers and selling stolen source code to the KGB. The same year saw the first computer worm, the Christmas Tree EXEC worm, attack computer networks. One year later, Cornell University student, Robert Morris, released the Morris Worm, which spread across the US Defence Advance Research Projects network, ARPANet, to 6,000 computers, clogging government and academic systems. The darker side of hacking was becoming clear.
The late eighties saw the era of the superstar hacker. Kevin Mitnick had begun his hacking career as a teenager in 1979, but hit the headlines with an attack on Digital Equipment Corporation, where he downloaded and copied the company's software. Mitnick was charged and convicted in 1988 and sentenced to a year in prison plus three years of supervised release. Near the end of this period, Mitnick was discovered to have hacked Pacific Bell computers. Faced with arrest he became a fugitive, hacking on the run until his arrest in 1995.
In 1988, Kevil Poulsen hacked into federal databases, revealing details of wiretaps on foreign consulates and suspected criminals. Pursued by the FBI he also went on the run, yet still found time to win a Porsche 944 S2 in a radio competition by tying up all the available phone lines. Poulsen was caught and arrested in 1991, later becoming a cybsecurity expert and a consulting editor for Wired magazine.
The early nineties saw the introduction and development of the World Wide Web and the appearance of more serious cybercriminals. In 1994 a group of Russian hackers led by Vladmir Levin siphoned $10million from Citibank and transferred it to bank accounts in Finland, Israel and around the world. On the one hand, hacking was becoming respectable. The first hacker conference DefCon took place in Las Vegas in 1993, and some early hackers became security consultants, advising companies on how to protect themselves. On the other hand, attacks proliferated. The US General Accounting Office reported that hackers had attempted to break into Department of Defence files 250,000 times in 1995 alone, with a staggering 65% of those attempts successful.
The late nineties also saw the arrival of the first hacker tools, with the likes of SATAN (Security Administrator Tool for Analyzing Networks) and Back Orifice emerging in 1995 and 1998. 1999 also saw the first major global virus outbreak, with an estimated 20% of the world's computers infected by the Melissa worm. And as hackers grew more sophisticated, so did their methods. For example, the first Denial of Service attacks were tried in the early 2000s, with hackers like Michael Mafiaboy' Calce, using them against Yahoo, eBay, CNN, Amazon and Dell prior to his arrest in 2001.
In the last fifteen years we've experienced the steady emergence of the Internet threat landscape as we know it today. Gangs of cybercriminals have flourished around the globe, not just in the US and the UK but increasingly in China, Russia, Brazil and Nigeria. Hacking and malware have become big business with a complex ecosystem, covering everything from software development to money laundering. Where the early hackers broke into systems out of curiosity or for the challenge, today's black hat hackers are as likely to be motivated by financial gain, state sponsorship or political activism though a number still do it for the fun.
According to a report published by Cybersecurity Ventures, cybercrime is expected to cost the world $6 trillion annually by 2021, up from $3 trillion in 2016. Yet hacking can also be a force for good, the urge to meddle with complex systems to improve them still lying at its heart. Governments and corporations rely on white-hat hackers, who use the hacker mindset to protect critical technology and infrastructure. Perhaps the next 40 years might see another shift in meaning as people recognise this fact, but while hacking and cybercrime remain so easily conflated, such a shift looks increasingly unlikely.
