History & Milestones


2009

  • RSA Conference Theme: Edgar Allen Poe

2008

  • RSA Conference Theme: Alan Mathison Turing
  • In January, Iron Mountain says it cannot find a backup tape that belongs to GE Money. The tape contains the personal information of about 65,000 J.C. Penney and 100 other retailers’ customers
  • In February, an unencrypted backup tape containing the social security numbers and bank account information of 4.5 million Bank of New York Mellon customers goes missing after being sent to a storage facility
  • In March, Hannaford Bros. falls victim to a targeted malware attack that exposes some four million credit and debit card numbers to identity thieves
  • In March, 13 employees at UCLA Medical Center are suspended for snooping in the confidential medical records of pop star Britney Spears, who had been recently hospitalized in the hospital’s psychiatric ward
  • In June, two men are charged with making withdrawals from New York City ATMs totaling $750,000. They used information from a previous computer intrusion into a Citibank server that processes ATM withdrawals
  • In July, Terry Childs, former network administer for the City of San Francisco, is jailed after essentially holding the city’s network hostage by changing the administrative passwords on the network's switches and routers and then refusing to divulge them
  • In July, Dan Kaminskyiscovers a flaw in the Internet's Domain Name System prompting more than 80 software and hardware vendors to release a coordinated patch
  • In August, a former Countrywide Financial Corp. senior financial analyst, Rene Rebollo, is arrested and charged by the FBI for stealing and selling sensitive personal information of an estimated 2 million mortgage loan applicants
  • In August, before bombs dropped on the country of Georgia, Russia attacks Georgia’s Internet infrastructure by coordinating barrages of millions of distributed denial of service (D.D.O.S) attacks that overload and effectively shut down Georgian servers
  • In August, a presentation about vulnerabilities in the Massachusetts Bay Transportation Authority ticketing system is banned from the DEFCON security conference by a court order after the MBTA protested
  • In September, vice presidential candidate Sarah Palin has her personal Yahoo e-mail account hacked during a controversy regarding her alleged use of private e-mail for state business
  • In October, Microsoft issues an emergency patch to repair a critical Windows server service vulnerability that leaves Windows systems dangerously open to attack
  • In November, the Identity Theft Resource Center reports 585 data breaches that exposed over 33 million personal records, a 31 percent rise over 2007
  • In November, RSA identifies a single Trojan that intercepted more than 500,000 online banking account credentials, credit cards and other resources

2007

  • RSA Conference Theme: Leon Batista Alberti
  • RSA Conference attracts over 17,000 attendees
  • Storm botnet hits 1.6 million PCs, becomes the largest malware headache of the year and makes the most headlines
  • Connecticut teacher Julie Amero convicted of "risk of injury to a minor" due to spyware infected computers on campus
  • iPhone launches with much fanfare -- gets hacked
  • Deadline for PCI and HSPD-12 compliance
  • TJX breach reports theft of 45.6 million credit and debit cards; results in $41 million payout to banks
  • Insider at DuPont pleads guilty to stealing $400 million in trade secrets
  • TD Ameritrade database of 6.3 million customers hacked
  • Disgruntled ex-UBS PaineWebber employee convicted of a felony for a logic bomb planted in former employer's network
    U.S. Department of Energy's Counterintelligence Directorate -- which is charged with protecting sensitive data and operations against espionage by foreign entities -- loses 20 computers that may contain classified data
  • Series of cyberattacks on various U.S. laboratories and institutions, cybercriminals have broken into computers at the Department of Energy's Oak Ridge National Laboratory (ORNL) and also reportedly targeted Los Alamos National Laboratory and Lawrence Livermore National Laboratory
  • Database analyst at Certegy Check Services steals financial data of 8.5 million customers -- later pleads guilty to federal fraud charges

2006

  • RSA Conference Theme: Modern Codes in Ancient Sutras
  • RSA Conference celebrates its 15th year
  • Choice Point fined $15 Million by the FTC for lax security policies

2005

  • RSA Conference Theme: Codes of Prohibition: Rumrunners and Elizabeth Friedman
  • RSA Conference attracts 14,605 attendees
  • The first MMS (multimedia messaging service) worm is discovered
  • The year is peppered with high profile announcementsof data disclosure breaches (ChoicePoint, Citigroup, Time Warner and Bank of America)
  • Trojan.PSPBrick is discovered - the first Trojan horse targeting Sony PlayStation Portable
  • California passes laws aimed at stopping phishing exploits
  • U.S. Real ID Act passed
  • CERT: 5,990 vulnerabilities reported

2004

  • RSA Conference Theme: Chinese Remainder Theorem
  • RSA Conference attracts 10,489 attendees; Bill Gates first appearance as keynote speaker
  • Sasser worm is discovered
  • Security firm hires teenage Sasser virus writer
  • Against All Enemies by Richard Clarke hits stores
  • First anti-spyware law enacted in the U.S. (Utah)
  • Cabir, the first mobile device worm, is developed
  • CERT: 3,780 vulnerabilities reported

2003

  • RSA Conference Theme: The Secrets of the Maya
  • MS Blaster and So Big viruses cause over $3.5 Billion in damages
  • California enacts the nation's first breach notification law requiring companies to disclose if there have been any breaches of customers' personal data
  • Microsoft offers $250,000 reward for culprits of MS Blaster and So Big
  • Japan passes Personal Information Protection Law
  • U.S. government passes CAN-SPAM Act to prevent the use of false header information in email
  • CERT: 3,784 vulnerabilities reported

 

2002

  • RSA Conference Theme: Mary, Queen of Scots
  • First RSA Conference Japan in Tokyo
  • Growth in Internet fraud outpaces growth of the Internet
  • Multiple SNMP vulnerabilities are reported; according to CERT the products of more than 100 vendors may be at risk
  • CERT reports the users of IRC and IM are being tricked into downloading malicious software
  • Sarbanes Oxley Act passed
  • 33% of ISPs say information security "not a priority"
  • CERT: 4,129 vulnerabilities reported

2001

  • RSA Conference Theme: Search for Extra-Terrestrial Intelligence (SETI)
  • Pat Benatar performs at RSA Conference
  • The Ramen worm is discovered as it exploits well know Linux vulnerabilities
  • The Code Red worm is discovered
  • Hackers attack the White House web site causing a Denial of Service attack
  • Viruses estimated to cost industry over $13 Billion in 2001
  • AES announced
  • 43 Nation Council of Europe adopts controversial Cybercrime Treaty
  • CERT: 2,437 vulnerabilities reported

2000

  • RSA Conference Theme: Ancient Greece/Fall of Troy
  • RSA Conference attracts 7,507 attendees; Jefferson Starship performs
  • First RSA Conference Europe in Munich.
  • Hackers deemed terrorists under UK Law (Terrorism Act 2000)
  • FBI continues to hunt hackers with Carnivore tool
  • Love Bug virus cripples computer worldwide; Love Bug suspect apprehended and later released in the Philippines
  • Denial of Service attacks shut down Yahoo!, Buy.com, Amazon, eBay, and CNN
  • Palm.Liberty.A is discovered as the first known Trojan horse for Palm OS
  • U.S. relaxes encryption export policy
  • The Electronic Signature in Global & National Commerce Act passed
  • Teenage hacker Mafiaboy cripples leading Internet sites causing $1.7 Billion in damages
  • FBI apprehends teenage hacker Coolio, who hijacked and defaced leading web sites
  • CERT: 1,090 vulnerabilities reported

1999

  • RSA Conference Theme: Norse/Viking Runestones
  • Melissa virus released and spreads worldwide
  • Distribute.net breaks DES during RSA Conference in 22hrs 15mins
  • CERT: 417 vulnerabilities reported

1998

  • RSA Conference Theme: 16th Century monk, Trithemius and his book Polygraphia
  • Skipjack algorithm declassified
  • Denial of Service attacks hit NASA, U.S. Navy and many universities
  • U.S. DMCA (Digital Millennium Copyright Act) passed
  • CERT: 262 vulnerabilities reported

1997

  • RSA Conference Theme: Cher Ami, Carrier Pigeon
  • RSA Conference attracts 1,846 attendees
  • U.S. debate over the export of products containing strong encryption heats up with the SAFE Act

1996

  • RSA Conference Theme:  WWII Navajo Code-Talkers
  • Second edition of Bruce Schneier's Applied Cryptography published
  • A survey by Dan Farmer finds that 2/3 of "interesting" web sites such as banks, newspapers and government systems have serious security flaws
  • HIPAA enacted; requires healthcare organizations take extra steps to secure personal information
  • The General Accounting Office publishes a report on government-wide information security issues finding that security at most U.S. government agencies is poor
  • CERT: 345 vulnerabilities reported

1995

  • First RSA Conference Theme: Egyptian Scarab Seals
  • A leading U.S. bank hacked by Russian attackers transferring over $10 Million to separate accounts around the world using a laptop computer
  • Kevin Mitnick arrested in North Carolina
  • Hackers alter the web sites of U.S. Justice Department, CIA and the U.S. Air Force
  • Strict EU data protection and privacy laws enacted
  • First network vulnerability scanner developed (SATAN: Security Administration Tool for Analyzing Networks)
  • CERT: 171 vulnerabilities reported

1994

  • Netscape invents SSL
  • Clipper Chip announced by the White House
  • IBM, GE & NBC all hacked over Thanksgiving weekend by a group called "The Internet Liberation Front"

1993

  • Second, now annual, RSA Conference held
  • First Fast Software Encryption Conference is held - this event helps drive the research activities on encryption algorithms that eventually led to the Advanced Encryption Standard
  • Cryptographic security/digital signatures for EDI debated
  • Skipjack algorithm is proposed for key escrow applications (but not published)
  • Traffic on the web expands at an annual rate of 341,634%
  • First edition of Bruce Schneier's Applied Cryptography published

1992

  • Key escrow debate brewing - U.S. government seeking repository for cryptographic keys
  • Concerns about DES vulnerabilities and possible replacements publicly debated (DSS or RSA/PKCS

NOVEMBER 1991

  • First RSA Conference (then called "Cryptography, Standards & Public Policy") held in Hotel Sofitel in Redwood City with 50 attendees: the "Conference" starts at 9:00 a.m. and ends at 3:00 p.m.

 

 

Back to Top