Friday, October 7, 2022

Keep those ‘shields up’ against cyberattacks

© Mark Ollig


October is US Cybersecurity Awareness Month, reminding us to safeguard our computing devices from malicious cyber activity.

"See Yourself in Cyber” is this year’s theme from the Cybersecurity and Infrastructure Security Agency (CISA).

Cyber is short for “cyberspace,” a term first used in 1982 by author William Gibson in his story “Burning Chrome,” where he wrote about “widespread, interconnected digital technology.”

Then, the cyberspace environment comprised the computers and electronic devices used within a network’s digital infrastructure accessible via wired and wireless communication links.

Cyberspace was later used to describe where people interacted with others (usually via text) on computer bulletin board systems (BBS) traditionally operated by computer hobbyists.

BBSs were theme-based for social, business, educational, hobbyist, or gaming use.

In those early days, an online BBS was dial-up; your computer accessed it by dialing a telephone number.

CompuServe, Prodigy, and America Online were large commercial BBSs that charged for their services.

In 1989, British scientist Tim Berners-Lee began working on what would be known as the World Wide Web at the European Organization for Nuclear Research (CERN) in Switzerland.

On Dec. 25, 1990, Berners-Lee finished programming the original World Wide Web server and client software on his NeXTcube computer.

On Aug. 6, 1991, Berners-Lee completed programming the world’s first working website.

One month later, Paul Kunz from Stanford Linear Accelerator Center (SLAC), located at Stanford University in Menlo, CA, visited Tim Berners-Lee at CERN.

Kunz was impressed with the World Wide Web project and how people could use web pages.

He was permitted to take a copy of Berners-Lee’s software program back to Stanford University.

On Dec. 12, 1991, the first website in the United States was operational at SLAC in Menlo Park, CA.

The website’s resources were available to particle research physicists at the Stanford Linear Accelerator Center.

As the 1990s progressed, the internet experienced a transformational paradigm shift with the addition of the World Wide Web.

Software programmers created improved graphical user interface web browsers and easy-to-use colorful websites with audio, video, and clickable hypertext links.

Individuals and businesses added more websites to the internet, and folks used the word cyberspace to describe the internet and the web.

As the web became a global phenomenon, basic international agreements regarding its and the internet’s technological standards were being observed by many countries.

The Electronic Frontier Foundation, which began in 1990, works to protect cyberspace as a virtual location for sharing knowledge, ideas, culture, and community.

Most countries observe the freedom of internet access for their citizens to view content, create, and actively participate on websites and social media platforms; however, some enact strict control over access to the internet and its content.

When looking back at cybersecurity, I wonder if computer coders from the mid-1940s discussed the possibility of malicious interference with the program instructions used on the first electronic digital computers, like the Electronic Numerical Integrator and Computer (ENIAC).

Any nefarious attacks on an ENIAC program instruction code could only be accomplished by someone with direct physical access to the computer’s rotary switches and electrical plugboard wiring cables terminated into specific patch panel sockets.

By the late 1940s, computing pioneer John Von Neumann became concerned about those who would alter electronic computer operating program instructions for malicious reasons.

In 1971, computer programmer Bob Thomas created “Creeper,” an experimental software program.

Thomas downloaded Creeper into the Advanced Research Projects Agency Network (ARPANET), the predecessor of today’s modern internet.

As Creeper journeyed through the ARPANET, it would type the message “I’m the creeper, catch me if you can” on teletype printers connected to the DEC PDP-10 mainframe computers linked to the network.

Creeper was not a malicious software program and caused no damage: it was just a nuisance. However, it did prove an embedded software program could target and “infect” specific devices on a computer network. In this case, the computer infection was the text message typed on the teletype printers.

ARPANET laid the groundwork for future cybersecurity practices with its classified research projects, including one by Ray Tomlinson (inventor of email).

Tomlinson wrote the software program Reaper, whose sole purpose was to spread throughout ARPANET, embed itself in, and delete the Creeper program.

Reaper was the first antivirus to spread by attaching itself to an existing software program (Creeper) and the first disruptive program (malicious software) known as malware, which disrupts or changes a program’s intended purpose.

For 2022, the CISA lists four action steps to protect us against cyberattacks:

• Think before you click: If a link looks a little off, think before you click. It could be an attempt to get sensitive information or install a malware program without your knowledge.

• Update your software: Act upon seeing a software update notification. Better yet, turn on the automatic updates for your computer and smart devices.

• Use strong passwords: Use long, unique, and randomly generated passwords.

• Enable multi-factor authentication: Protects your online accounts, making them double-password protected. As a result, you are significantly less likely to get hacked.

The Cybersecurity and Infrastructure Security Agency website is https://www.cisa.gov.

Not many folks say “cyberspace” these days, but it is still out there.

During this 18th anniversary of Cybersecurity Awareness Month, let us keep those, as Captain Kirk would say, “shields up” against computer cyberattacks.