Photo by Chris Karidis on Unsplash

What Was the First Cyberattack?

The Blanc brothers and the Chappe telegraph network

By Felipe Ruiz | February 10, 2022 | Category: Attacks

If you type into Google "How many cyberattacks happen per day in 2022?" one of the first results could say something like this: "Every 39 seconds, there is a new attack somewhere on the web." However, I found that number was mentioned in an A. James Clark School of Engineering study in 2007! Currently, that number should be pretty different. Actually, I saw that Cybersecurity Ventures in 2019 estimated a ransomware attack on a business every 11 seconds by the end of the last year. Read it carefully, only that kind of attack against only organizations or companies. You can already try to picture the disproportionate magnitude of the problem, which begs the question: How is it that all of this started?

Answering this question, believe it or not, doesn't take us back to the early days of computer networks. According to Tom Standage in the 1843 magazine, we have to go back to the first half of the 19th century. The first "cyberattack" was perpetrated in France on a telecommunication network, specifically, a mechanical telegraph system. And although the combining form cyber- denotes a relationship with computer networks, Standage's approach may be somewhat valid because it refers to an attempt to steal controlled information from a network of information systems, precisely, "the world's first national data network." That's very similar to what's happening today, even though we talk about different technology and cyberattacks now go beyond information theft. Let's put this earlier attack into context.

Following Encyclopedia Britannica's definition, a telegraph is "any device or system that allows the transmission of information by coded signal over distance." This term is generally used to refer to the electric telegraph, developed in the 19th century. However, it was initially used to describe the pre-electric version near the end of the 18th century. In 1791-2, the French inventor Claude Chappe, with the help of his brother Ignace, developed a very successful visual telegraph or optical semaphore system. "This system consisted of pairs of movable arms mounted at the ends of a crossbeam on hilltop towers." Both the crossbeam and the arms could vary their position angles to represent numbers and letters (see Figure 1).

Chappe telegraph

Figure 1. Chappe's telegraph and some configurations (two images [1, 2] taken from Wikipedia).

At that time, as Stefano Selleri of the University of Florence says, the communication networks of centralized states were mostly "postal networks, with the exchange of written messages at the top speed technologically available: pigeons and horses." But with the invention of the aforementioned visual telegraph, another type of network could be established. In this case, messages were transmitted through chains of towers. These towers were reportedly 3 to 6 miles (5 to 10 km; even more) apart from each other, and operators could achieve a transmission rate of about three symbols per minute with them. It was then possible to speak of a telecommunication network (at least a modern one, overcoming the ancient use of beacons for elementary messages). For material objects were no longer being delivered but only information.

Each message could straightforwardly travel through the network. Via a telescope, the telegraph operators watched what one of the adjacent towers was transmitting. Then, they adjusted the elements of their systems to match the shared configurations. At first, Chappe defined 256 possible configurations, but after seeing difficulties in their recognition, he ended up reducing them to 92. Later, he published the first manual containing 8,464 "messages that could be transmitted, obtained by pairing individual symbols." In this way, France achieved faster communication than with the use of letters from one end to the other. Now it just took minutes!

The Paris-Lille line, which included 18 towers over an extension of 190 km, was the first to be officially inaugurated in 1794. Since then, the expansion of the network was almost inexorable, reaching even countries such as Belgium and Italy, and its use was exclusive to the governments. Four decades after the inauguration, in 1834, another pair of brothers began to gain prominence in this line of events. They were the bankers François and Joseph Blanc who sought to take advantage of the French network of visual telegraphs.

The Blancs traded government bonds at the exchange in Bordeaux, "where information about market movements took several days to arrive from Paris by mail coach." Knowing in advance whether the market was rising or falling could be a great advantage for traders, so they wouldn't have to guess. Unlike many had already tried, the Blanc brothers sought a covert method to be the first in Bordeaux to obtain such information. Therefore, they decided to "hack" into the telegraph network.

According to Paul Ducklin from Naked Security, part of that network's security depended on obscurity. Regular telegraph operators received no information on the meaning of the tower configurations, except those used for "error correction and flow control." So, a "backspace" symbol told the message transcriber to ignore the previous character. The transcription was carried out in certain towers that were like storage centers. There it was chosen which line the message should follow in its forwarding. The information traveling from Paris to Bordeaux, for example, had to pass through one of these centers in the city of Tours (see Figure 2).

Map

Figure 2. Paris-Tours, 200 km; Tours-Bordeaux, 300 km (taken from Naked Security).

Consequently, what the Blanc brothers did was to bribe one of the operators in Tours to insert a spurious character —their own data— from there, indicating the market behavior of the last day, followed by a backspace. This would result in the Bordeaux central tower erasing this supposed error at the time of transcription and leaving the original message clean. This trick would not have worked when trying to do it from Paris because, in Tours, the key character would have disappeared in the middle of the transcription.

Therefore, the Blancs also had to figure out how to move the information they needed from Paris to the tower in Tours without arousing suspicion. They allegedly resorted to sending packages with small items such as socks or neckties. This happened every time a confederate in Paris noticed significant changes, of a particular magnitude, in the bond market. Through the characteristics of the package and items, the operator could then decode the message about the market movement. He could then send it via the Tours-Bordeaux telegraph line for rapid transmission. Finally, another of the accomplices, a former telegraph operator, was the person "who observed the telegraph tower outside Bordeaux with a telescope, and then passed on the news to the Blancs."

It seems that more than 100 messages were transmitted to the astute Blanc brothers up to 1836. However, in that year, everything came to light, but not for raising suspicions with the money obtained or the sending of those packages. What happened was that the operator in Tours got sick and revealed all to a friend, mistakenly believing that he could be his replacement. And although the Blanc brothers were later brought to trial, curiously, they could not be convicted because there was no law against abuse of information networks. After all, contrary to what would happen today, they got off scot-free from what we can qualify as the first cyberattack in history.