Monday, December 27, 2021

the Dubious Distinction of Being First?

So, what exactly was the first "cyberattack"?  Of course as with any complicated question the answer is "it depends"... it depends on definitions, and context, and a heck of a lot of other things. Code attacks go back to prehistory. Cryptoattacks to the beginning of cryptosystems, shortly after the beginning or writing and the digital representation of math... But cyberattack in particular has a specific implication of it being a technological attack on information security, specifically exploiting the technology in question.

Again, there is no single definitive answer, but there is a very good candidate... if I were marking test questions on an exam, and a student came up either this answer, I'd give them full credit. 

The Blanc Brothers heliograph/semaphore/optical telegraph (it depends on which source you read it from) market manipulation fraud, is actually a pretty good candidate for the first cyberattack. It may be the first exploitation of an explicitly technology based race condition for commercial fraud.  Also the first exploitation of out of band/admin/side channel vulnerabilities, metadata, and steganography, in a technological system, for commercial fraud. That was appx. 1830-1834 (again some sources differ as to the exact dates). These links have a layman's explanation followed by a great deal of technical detail about it. It's really a fascinating story.