With another decade of data breaches, state-sponsored APT campaigns and malware infections behind us, it must be time to look forward as we enter 2020, right? Actually, there's an argument to be made that looking back could be just as helpful.
There remains plenty of ongoing hype surrounding quantum cryptography, AI and, inevitably, the blockchain; but what lessons can we learn from the 1995 hacking threat? Later today, at 6pm to be precise, a new archive of infosecurity history will go online that may provide the answer.
The Octopi Hacking Archive is a totally free to access online resource aimed at security researchers and members of the broader infosec community. This truly massive chunk of computer history is being put online to bring the collected works of some of the earliest hacking groups into one archive.
The brainchild of anonymity and privacy advocate Colin Childs, a core contributor to The Tor Project, and the CTO at Octopi Managed Services, Ian Thornton-Trump, the archive is based around a massive collection of BBS text files that chronicle the birth of the online computer security industry. This cultural shift from offline to online truly set the stage for the infosec communities we have today, on both sides of the legal fence.
In an exclusive interview with SC Media UK, Thornton-Trump said that he always thought that there was "value in preserving and protecting the documentation of the past," and that is as true when it comes to infosecurity archives as anything else. He had purchased a CD-ROM in 1995 called "Forbidden Subjects" at an early DEFCON, and it ended up lost in a spindle of old operating system and application CDs until a clear-out formed the spark of what has become the Octopi Hacking Archive.
"I talked with Colin Childs about pulling a vast treasure trove of material from this CD," Thornton-Trump says, "and putting it online with the goal of historical preservation of the earliest beginnings of the computer security industry." The inspiration, he says, came from reading the Cult of the Dead Cow, and while never having been a member of CdC, Thornton-Trump describes himself as something between a hanger-on and supporter.
Having reviewed all the information from the CD, a mammoth task in itself, to ensure "nothing highly controversial was inadvertently placed online which could offend or inflame sensitivities," the pair set about the practicalities of hosting the archive. As a privacy-focused, full-stack developer and sysadmin, this was Colin’s domain. "He came up with the architecture below which has been vetted, approved and pentested by members of the elite Advanced Persistent Protection (APP) group known as The Beer Farmers," Thornton-Trump says. Security was naturally a concern, so the archive is hosted in Canada on two VMs with a floating IP address, and users interact with the servers through a Cloudflare reverse proxy.
"Without an understanding of information security history, we are destined to repeat the mistakes of the past," Colin Childs told SC Media UK, "this archive presents an opportunity to learn from our past and improve the systems of the future."
"We hope our efforts will be appreciated in the spirit they are presented," Thornton-Trump says, "the archive will provide material which - through research and analysis - may provide a better understanding of the current state of cyber-security. As we discover and review more content, we will continue to expand the archive."
Ethical hacker and a member of The Beer Farmers collective, John Opdenakker, says "it's awesome that this information becomes publicly available. To better defend ourselves in the future against particular threats it's important to understand their history and evolution."
This keeping-one-eye-on-the-past sentiment is echoed by Jake Moore, cyber-security specialist at ESET. "Looking to the future is naturally a good idea, especially with the rise of AI threats," Moore told SC Media UK, "but most people won’t ever experience a high profile cyber-attack and it’s usually the repurposed and simple threats that make it past employees or even current security measures that are already in place."