June 1982 is the month in which the world's first successful hacker attack was recorded. The feat is hard to imagine today: Soviet espionage was going to steal pipeline control software from a Canadian company, but before that happened, American espionage planted a Trojan horse in it that would transparently modify the speed of the pumps and the internal pressure of the enemy nation's pipelines. As a result of this attack, several large-scale explosions followed in the Soviet Union, interrupting the country's gas supply.
In the same decade, the first attacks on personal computers also appeared. It was common to sell software and computer games on floppy disks that were already contaminated with the Brain virus or the Bouncing Ball (known as Ping Pong in Brazil).
Built with the primary purpose of annoying users, Ping Pong caused a ball to circulate from side to side on green phosphor monitors until its execution was blocked or the first antiviruses in history were installed.
In 1988, Robert Tappan Morris, a student aged just 23 at the time, gave rise to the famous worm that bears his name to this day, a type of intrusion that carries out autonomous attacks more quickly and effectively, without control or authorization by users.
The 1990s were marked by attacks on governmental and military computers, as well as on various academic institutions.
In the 21st century, the famous Code Red and Nimda attacks began. Networks were inaccessible for hours, and managers struggled to understand the cause of such unavailability. Companies, governments and people were constantly attacked. In 2006, GPcode appeared, the first trojan with the characteristics of ransomware, blocking computers until a certain amount was paid to the criminals.
In 2012, the first ransomware-as-a-service network was created, selling ready-made attack kits that made it easier for novice hackers to get started. This inaugurated a new way of profiting from intrusions, culminating later in the adoption of cryptocurrencies to keep these payments anonymous.
CryptoLocker, CryptoWall, Locky, Petya, WannaCry and many other ransomware families were created, turning over more than $2 billion annually through digital extortion. New threats have evolved exponentially, and no one is free from the risk of being exposed to one of these attacks at any time.
Threat hunting experts
In the current threat landscape, more sophisticated techniques are used by hackers, and the threat hunting market is gaining more and more momentum, both globally and locally.
Traditional protection tools are no longer effective. New solutions are needed that combine artificial intelligence and human analysis to identify these attacks, allowing detailed questions to be asked in order to properly identify advanced threats or active attackers on the network and to take the necessary measures to stop them quickly.
The big challenge for companies will be to make threat hunting an internal process that is carried out by the Information Security area itself or by companies specialized in these services. Processes, people and tools need to be well-defined and will be fundamental for improving the level of security maturity.
Professionals who wish to specialize in this topic will certainly find a beautiful path ahead in their careers. The years of threats show us that evolving is paramount for both those who attack and those who need to defend themselves.