Symantec Singapore
global sites
service and support
security updates
about symantec

© 1995-2006 Symantec Corporation.
All rights reserved.
Legal Notices
Privacy Policy


Cybercrime Time-Line

Cybercrime knows no limits.
On February 8, 2000, the New York Times reported what appears to have been the largest-ever coordinated assault on major commercial Web sites.,, and were temporarily crippled when hackers signaled computers around the world to barrage these sites with empty data. But this event is just the latest in what is rapidly becoming an international cybercrime epidemic.

From vandalism to theft to cyberterrorism, we can trace the mounting movement of cybercrime over the past several decades:

John Draper, a.k.a. "Cap'n Crunch," discovers that the toy whistle in a box of Cap'n Crunch Cereal can exactly match the frequency of AT&T's phone network. Thanks to Draper, thousands can "reach out and touch" that long-distance someone, for free.


  • Ian Murphy, a.k.a. "Captain Zap," receives the dubious honor of "first felon ever convicted of a computer crime." AT&T bares the brunt once again, as Murphy breaks into the company's computers and changes the internal billing clock so that people receive discounted rates during normal business hours.

  • Murphy's exploits inspire the movie Sneakers

The movie War Games romanticises hackers and cybercrime.

First issue of Phrack is published -- the original underground hackers' magazine.


  • Pakistani Brain, the oldest virus created under unauthorised circumstances, is discovered to infect IBM computers.
  • Congress enacts the Federal Computer Fraud and Abuse Act, which makes it illegal to access federal computers or traffic-in computer passwords without proper authorisation.

The Jerusalem virus is detected. Designed to delete infected files on Friday the thirteenth, the Jerusalem virus is one of the first file-infecting viruses.


  • Robert Morris, the son of a high-ranking scientist at the US National Computer Security Center, releases the first Internet worm and crashes over 6,000 Net-linked computers, crippling the Internet. Though Morris claims his worm was the result of a programming mistake, he's sentenced to three months probation and charged with a $10,000 fine.

  • Kevin Mitnick serves a year in jail for breaking into the Digital Equipment Company's computer network.


  • Cybercriminal Dark Avenger authors Avenger.1808, a program that spreads through systems unnoticed, overwriting data onto a system's hard drive.
  • WDEF, a highly prolific Mac virus that corrupts hard drive and desktop files, is launched.
  • Phrack #24 distributes a confidential document, hacked from Bell South.
  • Approximately 30 viruses are discovered.


  • Start of two-year warfare between rival hacker groups, Legion of Doom and Masters of Deception. These groups jam phone lines and monitor calls in an attempt to trespass into each other's private computers.
  • Kevin Poulsen is arrested after taking over all the phone lines going into an L.A. radio station in order to win give-away prizes such as a Porsche.
  • Birth of SPAM viruses (Stealth, Polymorphic, Armored and Multipartite). For virus definitions click here.


  • Michelangelo is discovered. Named after the famous painter, the PC-striking virus is intended to destroy hard drives on its namesake's birthday, March 6.
  • Dark Avenger creates MtE, a product that enables other viruses to morph in over 4,000,000,000 different forms, making detection and deletion especially difficult.
  • Cybercriminals Dark Angel and Nowhere Man create a "point and click" virus-authoring application, making virus creation easier and accessible for the less-than-genius programmer.
  • By the end of 1991, over 1,000 viruses exist in the wild.


  • Dark Avenger launches Commander Bomber, an elusive, form-changing virus that lurks undetected in memory and affects COM files when activated.
  • A minor is arrested in Washington, D.C., for creating the SatanBug virus. Some forms of this virus are capable of overwriting code.
  • Release of Monkey, a dangerous virus that can wipe out a hard drive upon removal.


  • Vladimir Levin, a student and mastermind behind a criminal Russian hacker gang, breaks into Citibank's network and transfers $10 million dollars into his accounts. Levin is later arrested in London.
  • Mark Abene, a.k.a. "Phiber Optik," a leader of the Masters of Deception gang, is jailed for tampering with phone lines. Upon his release, New York Magazine names him one of the city's 100 smartest people.
  • Black Baron, a member of the Association of Really Cruel Viruses, launches Pathogen, a highly polymorphic virus that can rewrite portions of a hard drive on a specific date and time. He's later jailed by Scotland Yard.

Kevin Mitnick is arrested again and charged by the FBI with stealing 20,000 credit card numbers.

Concept, the first macro virus capable of affecting both Macs and PCs, becomes the most common virus in the world. Spread through email attachments, macro viruses are annoying, though usually harmless.


  • The Cult of the Dead Cow (cDc), a hacker group of dubious scruples, develops Back Orifice, a program in the form of a Trojan horse or an Active X control that can allow total remote access to Windows NT/2000 machines.
  • The Asian AutoStart worm is released -- a type of virus that self replicates through disk and memory space.
  • Numerous criminal hacks are made on U.S. military and Department of Defense networks.
  • New York Times Web site is vandalised.
  • Attorney General Janet Reno announces the formation of the US National Infrastructure Protection Center (NIPC) to fight cybercrime and sabotage of U.S. technological infrastructures.
  • Activist hacker group Electronic Disturbance Theater urges political activists to engage in "electronic civil disobedience" by staging virtual sit-ins against "oppressors" such as the Mexican and U.S. governments. (In a virtual sit-in, activists plant their time-stamped, virtual presence -- often marked by a happy face -- on a target's Web site.
  • Cincinnati Enquirer reporter Michael Gallagher breaks into the voice mail system at Chiquita Fruits. The Enquirer publishes Chiquita's illegal activities and later has to make public amends.
  • A cybercriminal convinces an unsuspecting AOL staff to grant access to ACLU's Web site, and subsequently wipes out the site.


  • cDc member Dildog develops and releases BO2k, an updated and more powerful version of Back Orifice.
  • Serbian and Kosovar hackers wage wars on each other's Web sites.
  • Two Chinese cybercriminals are sentenced to death in China for hacking into a bank and transferring the equivalent of $87,000 into their accounts.
  • A host of new virus and Trojan horses spread rampantly, often feeding off email mailing lists:
    1. Melissa -- One of the fastest spreading macro viruses in history, variations of Melissa can modify documents or send out victim's confidential information. Engineered by David Smith of New Jersey, the virus caused over $80 million in damage.
    2. Chernobyl -- When activated, overwrites most data on the hard drive.
    3. Thursday -- On a specific date, can delete all files from the root of the "C:" drive and its subdirectories.
    4. Bubble Boy -- Can spread through email script without the victim ever opening an infected attachment.
  • Black Hand and Serbian Angel hacker groups threaten to damage NATO computers in retaliation for war against Serbs.
  • The White House site is defaced by red graffiti saying, "Hacker wuz Here."
  • The North American Electric Reliability Council (NERC) attempts to conduct Y2K compliance tests on over 500 major utilities; however, their efforts are marred by criminal hacker penetration.
  • A criminal hacker group called "" damages U.S. sites including NASA and the National Defense University. The vandals spread graffiti stating they're involved in a game called, fittingly, "Hack the Planet."

Return to Symantec's Home Computing