The issue of computer security first arose in the 1970s as individuals began to break into telephone systems. As technology advanced, computer systems became targets as well. The Federal Bureau of Investigation (FBI) made one of its first arrests related to computer hacking in the early 1980s. A group of hackers known as the 414s, named after their area code in Milwaukee, Wisconsin, were indicted for attacking 60 different computer systems including the Los Alamos National Laboratory and the Memorial Sloan-Kettering Cancer Center. Computer security breaches like these became increasingly commonplace throughout the 1980s, prompting the passage of the Computer Fraud and Abuse Act. The new legislation allowed more stringent punishments to be levied against individuals caught illegally abusing computer systems. Later in the decade, a 25-year-old hacker named Kevin Mitnick began tapping into the e-mail system used by computer security managers at both Digital Equipment Corp. and MCI Communications Corp. As a result, Mitnick was arrested and sentenced to one year in jail. Although a multitude of other hackers were brought to justice, many continued to operate, including one who successfully pilfered $70 million from the First National Bank of Chicago. Eventually, the Computer Emergency Response Team was established by the U.S. government to research the increasing number of computer security breaches.
Along with growth in hacking activity came the spread of computer viruses. Three of the most well known viruses—Cascade, Friday the 13th, and Stoned—all originated in 1987. When computer companies like IBM Corp. and Symantec Corp. began researching ways to detect and remove viruses from computers, as well as ways to prevent infection in the first place, virus writers began developing more elusive viruses. By 1991, more than 1,000 viruses had been discovered by computer security experts.
Computer security gaps were exposed at many major corporations and governmental bodies—including AT&T Corp., Griffith Air Force Base, NASA, and the Korean Atomic Research Institute—during the early 1990s. For example, an attack on AT&T's network caused the firm's long-distance service to temporarily shut down. During 1995, computers at the U.S. Department of Defense were attacked roughly 250,000 times. A study conducted by the Computer Security Institute that year determined that one in every five Web sites had been hacked. Also that year, Mitnick was arrested for computer fraud and once again sentenced to serve jail time. His offense that time included stealing software, product plans, and data from Motorola Inc., Sun Microsystems Inc., NEC Corp., and Novell Inc., costing the firms a combined total of nearly $80 million. Later in the 1990s, the Web sites of several federal agencies, including the U.S. Department of Justice, the U.S. Air Force, NASA, and the CIA, were defaced by hackers. In addition, the U.S. Bureau of Labor Statistics received a deluge of bogus requests for information. In 1998, the U.S. Department of Justice created the National Infrastructure Protection Center, charging it with task of safeguarding domestic technology, telecommunications, and transportation systems from hackers.
As the amount of commerce handled via the Internet grew, so did the number of malicious attacks. Hacking in 2000 increased 79 percent over 1999 figures, according to a report released by the FBI's Computer Emergency Response Team (CERT). Even leading Web sites such as Yahoo!, America Online, eBay, and Amazon.com were exposed as vulnerable, costing the firms millions of dollars and undermining the already tenuous confidence online shoppers had in the security levels of these sites. Eventually, one of the key perpetrators in many of these attacks, a 16-year-old Canadian boy operating under the name Mafiaboy, was arrested, and authorities discovered he also had broken into the computer networks at Harvard and Yale Universities. While on parole, Mafia-boy was prohibited from using the Internet or shopping at stores that sold computers; only when supervised by a teacher at school, could he use a computer.