A Look at the History of Cybersecurity

People sit at computers in office meeting setting

Cybersecurity is proving to be among the most in-demand career fields of the 21st century. In fact, through 2026, the U.S. Bureau of Labor Statistics projects the field to grow by 28 percent—a much faster rate than the average. New threats are emerging practically every day and as the cyber-attacks evolve, so too must the tactics used by cybersecurity professionals. Even as cybersecurity specialists look ahead to the future of the digital era, it’s worth taking a look back to see how the field has evolved over time.

The First Computer Worm

The first malicious computer program wasn’t actually malicious at all. It didn’t crash computers and it didn’t hold users’ information for ransom. It was an exploratory research project that amounted to little more than graffiti.

In 1971, Bob Thomas discovered that computer programs could travel through networks. He wrote a program called Creeper that did exactly that. As Creeper traveled through Tenex terminals on ARPANET (Advanced Research Projects Agency Network), it left the message, “I’m the creeper: Catch me if you can.” The Creeper program caught the attention of the man who invented email, Ray Tomlinson. Tomlinson altered the program to make it self-replicating. The first computer worm was born.

The First Antivirus Program

After Tomlinson created the world’s first computer worm, he developed the first antivirus program. Tomlinson called this program “Reaper.” It was developed specifically to delete the Creeper program and it succeeded.

The First Malicious Virus

The first known malicious virus was called “Rabbit.” It arrived on the scene not long after the Creeper program. The main difference between Creeper and Rabbit was that Rabbit was capable of reproducing and multiplying itself, whereas Creeper only traveled from one computer to the next on a network. Rabbit’s invasion of a computer system caused infected computers to crash.

The First Denial of Service (DoS) Attack

Cybersecurity professionals have long grappled with ethical issues. One particularly complex ethical issue is the execution of projects intended to help that end up causing harm instead. This was the case with the first DoS attack, created by Robert Morris in the late ‘80s.

Morris was looking for ways of highlighting security flaws, such as weak passwords. Unfortunately, Morris was too successful with his coding and the worm replicated excessively, causing significant monetary damage and resulting in a major slow-down of the early Internet. Morris has the dubious distinction of being the first person to be charged for computer crimes under the Computer Fraud and Abuse Act. Currently, Morris is a tenured professor at MIT.

The Computer Emergency Response Team (CERT)

In the aftermath of the Morris worm, the first CERT was born at Carnegie Mellon University. The CERT acronym has been subsequently used by organizations around the world. Current incarnations of CERT exist primarily to research and monitor systemic cybersecurity threats, which jeopardize the security of the whole Internet.

Are you eager to take on the cybersecurity challenges of the 21st century? Join the Grand Canyon University learning community online and earn your Master of Science in Cybersecurity. You’ll emerge with the core competencies that are necessary to pursue high-level positions in the field, and you’ll learn to reflect upon relevant ethical and legal challenges during the development of effective cybersecurity programs.


  • Cybersecurity consultant: Career Outlook. (n.d.). Retrieved from https://www.bls.gov/careeroutlook/2018/interview/cybersecurity-consultant.htm

The views and opinions expressed in this article are those of the author’s and do not necessarily reflect the official policy or position of Grand Canyon University. Any sources cited were accurate as of the publish date.