History of Infosec: a primer.

“We study history not to be clever in another time, but to be wise always.” ―Marcus Tullius Cicero

Cicero was a famous Roman statesman and orator, a contemporary of Julius Caesar, Pompey, Marc Antony and Octavian. His writings on classical rhetoric and philosophy influenced the great thinkers of the Renaissance and Enlightenment many years later. And he’s absolutely right about history. 

I don’t study infosec history so that I can win at Nerd-Trivial-Pursuit tournaments at security conferences. I study infosec history so that I can understand the day-by-day changes going on in the industry. I believe you can’t understand the current state of the infosec community unless you have some understanding of what has happened in the past. For example, you can’t really have any detailed understanding for what’s going on, and what’s not going on, in the Ukraine war in cyberspace without having a background on Russian cyber operations from the beginning:

  • 1988: Made famous by Dr. Clifford Stoll’s paper “Stalking the Wily Hacker” and subsequent book, “The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage.” The Russians sponsored the first ever public cyber espionage campaign using East German hacker mercenaries that targeted U.S. governmental agencies. 
  • 1991: The collapse of the Soviet Union and the subsequent liberation of Ukraine.
  • 1996: Moonlight Maze: A series of Russian probes and attacks against the Pentagon, NASA (the National Aeronautics and Space Administration), and affiliated academic and laboratory facilities. 
  • 2007: Russia launched DDOS attacks against Estonia. 
  • 2008: Russia launched cyber attacks against the country of Georgia and penetrated the Pentagon’s classified networks. 
  • 2013: General Valery Gerasimov, the Chief of the General Staff of the Russian Federation, established the unofficial Gerasimov doctrine that advocates for asymmetric targets (physical and virtual critical infrastructure including outer space) across the spectrum during war.  
  • 2014: Russia Annexed Crimea, attacked Ukraine’s power grid for the first time, and attempted to change Ukraine’s Election.
  • 2014: The U.S. discovered that Russian cyber forces had…