Skip to main content

How much do you know about the history of cybersecurity?

DATE: July 09, 2024


Welcome to our deep dive into the history of cybersecurity! Join us as we uncover the development of our field through the decades by looking into some of the most notorious hacks and cybercriminals. The future of cybersecurity is full of innovation and crucial advancements. So, let’s take a look into the past.  

To achieve the fullest picture of cybersecurity’s history, let's start from the very beginning. Technically, the first “cyberattack” took place in 1834 in France. Two brothers stole information on the French financial market by hacking the French Telegraph System. They bribed a telegraph operator to create deliberate errors in government messages. Additional characters were added to messages that coordinated with the movement of the previous day’s market. When this scam was uncovered after two years, it went to trial, but the brothers were never convicted. Why? Because at this time there were no laws against the misuse of data networks. This attack is known as the first instance of hacking because it opened the world to the possibility of the exploitation of data systems. 

Let's jump all the way to 1940 to the first instance of ethical hacking. Rene Carmille is known as the world’s first ethical hacker and was a member of the French Resistance. He used his position as a punch card computer expert to manipulate Nazi data during WWII. Using social engineering, he convinced the Nazi party of his loyalty so they would put him and his group in charge of conducting a census across multiple countries. Carmille and his group manipulated and mishandled punch cards that the Nazis used to track down Jewish citizens by modifying the machine so that no data was punched for Column 11. Column 11 contained information on the citizen’s religion. He did this for four years and saved countless lives by using what we know today to be ethical hacking. 

Rene Carmille

A less high-stakes form of hacking began to emerge in the 1950s, known as phone phreaking. The term was coined to describe the general practice of exploring the telephone system. For those who may not have been alive to see the rotary phone, they made quite a few noises, like clicks and beeps, while routing calls. Phone phreakers would spend their time studying these noises to get a better understanding of how the system worked. But this definition leans on the positive side of phone phreaking. The reality is that it was often used to illegally make free calls and abuse the telephone network. The phreakers would use devices like blue boxes to emulate the same tones as telephone routing signals, allowing them to make free calls. The blue box was actually invented by Steve Wozniak and later sold by Steve Jobs before they founded Apple. Phreaking peaked in popularity in the 70’s, mostly at universities, where students used the technique and the blue box to make free calls to anywhere in the world. Some phone phreaks even wiretapped phones and stole telecom equipment.  

Another early example of exploitation in cybersecurity history occurred in 1962 at MIT. Students had been given passwords to protect their computer usage. Allan Scherr decided he wanted more computer time than allotted and created a punch card that forced the computer to print out all of the passwords in the system. He and his friends used these passwords to gain more computer time and access to their teacher’s accounts where they left insulting messages. They were never caught but Scherr confessed to the mischief twenty-five years later.  Scherr found success after completing his PhD at MIT and moved on to help develop the original IBM MVS operating system. He is a pioneer in time-sharing operating systems and founded ALS Consulting in 2001. 

It was nine years later when the first computer virus marked the beginning of cybersecurity. In 1971, Bob Thomas created and implemented the first computer virus as a security test. Thomas worked for BBN Technologies and wanted to create a virus that was not harmful but simply highlighted areas of vulnerability. At this time, the U.S. Department of Defense had developed ARPANET, the precursor to the Internet. The virus, named Creeper, was meant to move across ARPANET by jumping from computer to computer while displaying the message “I’m the creeper; catch me if you can.” While it wasn’t meant to be a harmful virus, it actually ended up corrupting the DEC mainframe using its self-replicating abilities. To combat this, Thomas’s colleague Ray Tomlinson created the first antivirus software program. Cleverly named Reaper, this program also self-replicated across the network, found each copy of Creeper, and deleted it. 

Here at cyberTAP we really enjoy our movie trivia and interestingly enough the Creeper virus was actually named after a Scooby Doo villain. The episode, “Jeepers it’s the Creeper”, aired in 1970 and followed the gang as they uncovered the Creeper phantom who was continually robbing a bank by walking through walls. SPOILER ALERT, the monster was the bank president in disguise, and he wasn’t walking through walls so much as he was using his keycard. The virus bears a lot of resemblance to the Creeper monster with its ability to move through the network with no trouble at all. 

Scooby Doo Creeper

About the author

Hope Trampski

Student Assistant

Sign up for the newsletter

Return to main content

Purdue University, 610 Purdue Mall, West Lafayette, IN 47907, (765) 494-4600

© 2021 Purdue University | An equal access/equal opportunity university | Copyright Complaints | Maintained by Technical Assistance Program

Trouble with this page? Disability-related accessibility issue? Please contact Technical Assistance Program at