Skip to main content
Over on the blog, Connor Madsen (@ConnorM), takes us through the history and evolution of cybercrime. If you haven't had a chance to read it yet, take ~5 minutes to do so. Here's a little teaser below exploring how phone phreaking transformed into the Morris Worm and beyond.



Let us know what you think in the comments below!



From Landline Hacking to Cryptojacking



By its very nature, cybercrime must evolve to survive. Not only are cybersecurity experts constantly working to close hacking loopholes and prevent zero-day events, but technology itself is always evolving. This means cybercriminals are constantly creating new attacks to fit new trends, while tweaking existing attacks to avoid detection. To understand how cybercrime might evolve in the future, we look back to understand how it emerged in the past.



Cybercrime’s origins are rooted in telecommunications, with “hacker” culture as we know it today originating from “phone phreaking,” which peaked in the 1970s. Phreaking was the practice of exploiting hardware and frequency vulnerabilities in a telephone network, often for the purpose of receiving free or reduced telephone rates. As landline networks became more security savvy—and then fell out of favor—phone phreaking became less and less common. But it hasn’t been phased out completely. In 2018, a phone phreaker staged a series of creepy attacks in New York City WiFi kiosks, reminding us that the phreaks may have been forgotten, but they are certainly not gone.



Cybercrime as we currently think of it began on November 2, 1988 when Robert Tappan Morris unleashed the Morris Worm upon the world. Much like Dr. Frankenstein, Morris did not understand what his creation was capable of. This type of self-replicating program had never been seen before outside of a research lab, and the worm quickly transformed itself into the world’s first large-scale distributed denial of service (DDoS) attack. Computers worldwide were overwhelmed by the program and servers ground to a halt. Although Morris quickly released the protocol for shutting the program down, the damage had been done. In 1989, Morris was the first to be prosecuted and charged in violation of the Computer Fraud and Abuse Act.
There are a couple of interesting aspects of the Morris Internet worm.

First, it only ran on certain UNIX systems. It would be years later before a Windows-based worm would appear.



The Morris worm exploited vulnerabilities for which patches were available. The worm also exploited weak passwords.



Sound familiar? Yeah, Conficker did the same.

Reply