1970s
The 1970s was a timeframe in information security history largely untouched by digital calamity, marked more by the exploration of emerging telecommunications technology. The first modern-day hackers appeared as they attempted to circumvent the system and make free phone calls, a practice that became known as "phreaking." Perhaps the most publicly well-known phreaker was John Draper, a.k.a. Captain Crunch, who helped pioneer the practice. Draper was later arrested and convicted multiple times on charges related to his nefarious phreaking activities.
1980s
The 1980s saw the birth of computer clubs. This decade subsequently ushered in the era of malware, marking the first virus, named "Brain", in 1986 as well as the infamous Morris Worm in 1988. The Computer Fraud and Abuse Act was instituted in 1986 and, for the first time, a computer hacker, Kevin Poulsen, was featured on America's Most Wanted. Poulsen was finally arrested in 1991, after spending several years as a fugitive. Since his release from prison, however, he has reinvented himself as a journalist and at one point regularly wrote for the online computer security news portal SecurityFocus, which was purchased by Symantec in 2002.
1990s
The 1990s brought with it the dawn of the modern information security industry. Notable threats witnessed during this decade included the Michelangelo virus, Melissa, and Concept. Distributed denial of service attacks and the bots that made them possible were also born, such as Trin00, Tribe Flood Network and Stacheldraht.
Beyond malware, AOL suffered through the first real phishing attacks as fraudsters aimed their efforts at stealing users' credentials. Privacy watchdogs called out in concern as tracking cookies were born, allowing ad networks to monitor user surfing behaviors in a rudimentary fashion.
2000s
The first decade of the 21st Century saw malicious Internet activity turn into a major criminal enterprise aimed at monetary gain. Adware and spyware entered the scene with such programs as Conducent TimeSink, Aureate/Radiate and Comet Cursor.
Perhaps even more visible than adware and spyware, aggressively self-propagating malware also appeared. Big-name threats such as Code Red, Nimda, Welchia, Slammer and Conficker all began taking advantage of unpatched machines. Phishing attacks also became mainstream, first heavily targeting online banking and then moving on to social networking sites. Zero-day attacks, rootkits, rogue antispyware, SPIM, click fraud and other attacks also all made their mainstream debut in the current decade.
Source: Symantec Security Response
Malicious activity is increasing in countries with rapidly emerging Internet infrastructures.
In 2008, the percentage of overall malicious activity decreased for countries with well-developed broadband infrastructures and increased for virtually every other country in the top 10.
- Malicious activity usually affects computers that are connected to high-speed broadband Internet because these connections are attractive targets for attackers.
- Broadband connections provide larger bandwidth capacities than other connection types, faster speeds, the potential of constantly connected systems, and typically more stable connections.
- The top three countries for malicious activity—the United States, China and Germany—also have extensively developed and growing broadband infrastructures.
- Countries that have rapidly growing Internet infrastructures and growing broadband populations are likely to see increasing levels of malicious activity until security protocols and measures are improved to counter these activities.
- As in 2007, the United States, China and Germany were the countries with the highest percentage of malicious activity in 2008, with 23 percent, 9 percent, and 6 percent respectively. However, these levels were down from 2007 levels, which were at 26 percent for the United States, 11 percent for China and 7 percent for Germany.
- China passed the United States for the largest number of broadband subscribers for the first time in 2008, with 21 percent of the worldwide total (or 83.3 million subscribers); the United States was second with 20 percent, while Germany was fourth with 6 percent.
- With the exception of France and Italy, every other country in the top 10 experienced increasing levels of malicious activity from 2007 to 2008. These include the United Kingdom (up from 4 percent in 2007 to 5 percent in 2008); Brazil and Spain (each up from 3 percent in 2007 to 4 percent in 2008); and Turkey and Poland (each up from 2 percent in 2007 to 3 percent in 2008).
Web-based attacks are the primary vector for malicious activity over the Internet.
The commonness of Web applications along with the ubiquity of easy-to-exploit Web application vulnerabilities have resulted in the prevalence of web-based threats.
- Web-based attacks are a major threat to computer networks for both enterprises and consumers; the covert nature of these types of attacks makes them very difficult to mitigate because most users are unaware they are being attacked. Organizations are then confronted with the complex task of having to detect and filter attack traffic from legitimate traffic.
- Because many organizations are reliant on Web-based tools and applications to conduct business, it is likely that the web will continue to be the primary conduit for attack activity favored by malicious code developers.
- With web-based threats, attackers wanting to take advantage of client-side vulnerabilities no longer need to actively compromise specific networks to gain access to those computers; instead, they can attack and compromise websites in order to mount additional, client-side attacks.
- Most of these types of attacks target specific vulnerabilities or weaknesses in web browsers or other client-side applications that process content originating from the Web.
- Web-based attacks may involve social engineering to entice a victim to view a malicious website, but most attacks exploit trusted high-traffic Websites.
- Web-based threats have not only become widespread, they also have increased in sophistication and severity.
- Dynamic sites are prime targets for attackers using bot-infected computers to propagate and host malicious content since Web application and site-specific vulnerabilities can put these types of sites at risk.