When you hear “cyberattack,” the first things that come to mind are usually data breaches, malware, and social engineering attacks. But have you ever wondered what cyberattacks looked like before the daily barrage of new breaches and scams? Let’s take a look at the world’s first man-in-the-middle attack that happened way before computers even existed — in 1834.
Aug 20, 2020 · 3 min read
Back in 1790s France, when the country was on the verge of a revolution, the government desperately needed a way to relay messages quickly. In those days, the most reliable way to communicate was by using mail coaches or a messenger on horseback. Sometimes, messages could take days to reach the recipient. That was until Claude Chappe, the French inventor, came up with the world’s first telecommunications system — the semaphore telegraph.
A semaphore network consisted of a bunch of towers within sight of each other up to 20 miles apart. Every tower had a pole holding two movable indicator arms, and each arm position correlated to different alphabet characters. An operator in each tower would observe the movements of the previous semaphore through a telescope. Then, they could copy the message and relay it forward.
Now messages could whoosh across France at the speed of approximately 500 kilometers per hour. At its peak, the semaphore network covered the distance of nearly 5,000 kilometers and had 566 stations across the country.
It was an excellent way to deliver government intelligence quickly and securely. The transmitted data was encrypted, in a sense — only senior officials in major cities had the codebooks for decrypting the semaphore signals.
Unfortunately, the semaphore telegraph was off-limits to anyone but the government. That is until two brothers in Bordeaux devised the world’s first telecommunications cyber attack.
The brothers Blanc — Francois and Joseph — were bankers in Bordeaux that traded government bonds. Like in any other city in France, they had to closely monitor shifts in the Paris stock exchange, which set the pace for stock trading nationally. The sooner you learned about changes in the Parisian market, the more money you could make.
Mail coaches took days to reach Bordeaux, and pigeons were unreliable, so the brothers set their sights on the fastest communication channel available — the semaphore telegraph network. If they could hack it somehow, they could receive breaking market news before anyone else.
Here’s how it worked: Francois and Joseph Blanc hired someone in Paris to closely monitor the stock exchange. If there were any significant changes, the accomplice would send packages of clothing to Tours, which was about halfway from Paris to Bordeaux. The colors of the clothing signified specific changes in the market.
The brothers bribed a telegraph operator in Tours who received the coded packages. From then on, it worked like a Man-in-the-Middle attack. The operator would introduce faulty characters with stock market info into official government telegraph communications. The faulty characters would go down all the way to Bordeaux along with the official messages.
There was another accomplice — a former operator who could see the penultimate tower from his house just outside Bordeaux. Francois and Joseph bribed the operator to transcribe the faulty characters with the stock exchange information and pass them on to the brothers. But how did the hack go undetected?
One of the semaphore signals included a backspace signal, which notified the transcriber to ignore the previous character. So the operator in Tours would introduce the erroneous character and then immediately use the backspace signal. The message with the stock exchange information would still reach Bordeaux, but wouldn’t show up in the official transcripts.
The plan worked — Francois and Joseph made a fortune by hacking the semaphore towers. They could get the news about the Paris stock exchange within hours, while everybody else in Bordeaux had to wait for the mail coach to arrive. But the scam couldn’t last forever.
Two years after the brothers started the world’s first Man-in-the-Middle attack on the communications network, the operator in Tours fell ill. On his deathbed, he tried to recruit his friend to take his place. Unfortunately for the Blancs, the friend had more of a conscience and turned them in to the authorities.
However, there were no laws at the time that Francois and Joseph could be prosecuted under for abusing the network, so the brothers went free. The government created laws soon after, however, to prevent anything like this from happening again. Though, as we know, it was definitely not the last attack against private networks!
For more stories about cybersecurity subscribe to our newsletter below!