Cybersecurity has become a priority nowadays in our world. As the amount of personal data becomes more and more available and willingly shared, cybersecurity concerns continue to grow and evolve. And what was considered a strong security a few years ago is no longer valid.
The first computer was created in 1943. The machines at that time were the size of a room and used for calculations. But as computers started to reduce in size and cost, many companies implemented them as a part of their equipment. More and more people had access to the devices and the need to protect the data became apparent. The first security measures that were used were passwords. Most likely the first password was used in the ’60s in MIT.
In the same place, in 1966, the first password was leaked. As a result of a software error, everyone who logged on to the system instead of a welcome message saw a list of all passwords.
We can’t imagine our lives without the Internet, but just a few decades ago it was only an idea. A precursor to the internet was the ARPANET project (The Advanced Research Projects Agency Network), which developed protocols for remote computer networking. And it was through that net that the first computer virus attacked.
A program called Creeper, was designed to show the message, “I’m a creeper: catch me if you can.“. In response, a program, Reaper, was created to catch and remove the creeper and so the first antivirus was created. Another program that became a virus, the Morris Worm was created in 1989 and its intention was to investigate how big the Internet is. However, it caused every computer that it attacked to slow down. To deal with this virus, it was decided to shut down the entire network for a few days.
The next step in the evolution of security were password control questions. They helped to recover passwords and are still used today. The questions concerned personal information, such as the name of the first pet, the first street we lived on or a favorite book. The downside of this security is that anyone who knew us well was able to answer these questions and thus gain access to our account.
At the beginning of this century, to fight the automated bot-based attacks, the Captcha was invented. The user was tasked with reading distorted text fragments that the optical character recognition systems cannot cope with. As the Internet developed, hacking systems became more sophisticated and Captcha became an outdated security feature. ReCAPTCHA is used in its place.
In 2003 the United States government created the first official task force dedicated to cybersecurity. It was a response to the growing number of cyberattacks. In 2021 the U.S. government proposed a 18.78 billion dollar budget for cyber security. Malware can also be used as a weapon, like in the 2010 attack on Iran’s nuclear program, or ransomware attacks on U.S. cities which prevented city authorities from performing operational actions. The losses of such attacks can be measured in millions.
With time new technologies were developed, such as smartphones. And so new security measures based on these devices have been introduced. One-time passwords sent as confirmation and authentication applications are the most commonly used multi-level security. With smartphones and tablets, biometrics in security have developed. The most popular is the fingerprint, now almost every phone has a built-in scanner with which you can easily unlock the device. Another security based on biometrics is face recognition, the next step may be iris scanning, voice recognition and even blood vessel patterns and user behavior profiling.
In 2018 the European Union created the General Data Protection Regulation (GDPR) that was a response to the increasing volume of personal data held by companies. The GDPR mandates data protection baseline and requires companies to have a plan in case of a data breach.
With countless viruses and ransomware trying to steal our identity or our money, it is important to protect our personal data. Confidentiality is a key in cybersecurity. We place a lot of trust in companies by giving them our information. Everyday we interact with companies that know more about us than we realize. It is important to choose the ones that comply with the GDPR rules and will not abuse the trust put in them.
Companies are vulnerable to cyberattacks and they need to implement more secure verification methods to protect their users’ data. Identity verification was previously associated with visiting a facility, filling out documents and procedures that could take up to several weeks. However now it has been reduced to take only a couple of minutes. Remote identity verification is a natural response to the growing need to increase security. Fully-Verified offers video verification services supported by latest technology and artificial intelligence. An additional security measure is a human operator that checks each verification. The time for this procedure has been kept to a minimum, with the added convenience that it can be performed anywhere in the world.
The pandemic forced many companies to accelerate the digitization of their services and has shown that the security of personal data is extremely important. Hacker attacks related to the pandemic and identity theft have increased from several hundred to several thousand a day. With a focus on cybersecurity, companies should establish a plan to protect and train employees. It is human error that is responsible for 95% of infringements. Appropriate training and financing of cybersecurity in the company, i.e. training on passwords, anti-viruses or firewalls, and limited sharing of permissions, by securing folders with sensitive data, significantly reduce the risk of data leakage. After all, we are all responsible for our own cybersecurity and our actions and reactions will shape its future.