1991

• Kevin Poulsen is captured and indicted for selling military secrets.

1992

• Dark Avenger releases 1st polymorphic virus.

1993

• During radio station call-in contests, hacker-fugitive Kevin Poulsen and friends rig the stations' phone systems to let only their calls through. They win two Porsches, vacation trips and $20,000.
• First DefCon hacker conference held in Vegas.

1994

• 16-year-old student, nicknamed “Data Stream”, arrested by UK police for penetrating computers at the Korean Atomic Research Institute, NASA and several US govt. agencies.
• Five members of the Aum Shinri Kyo cult's Ministry of Intelligence break into Mitsubishi Heavy Industry's mainframe and steal Megabytes of sensitive data.
• Hackers adapt to emergence of the World Wide Web, moving all their how-to information and hacking programs from the old BBS’s to new hacker Web sites.

1995

• Russian crackers steal $10 million from Citibank. Vladimir Levin, the ringleader, uses his work laptop after hours to transfer the funds to accounts in Finland and Israel. He is  tried in the US and sentenced to 3 years in prison. All but $400K of the money is recovered.
• The French Defence Ministry admits Hackers succeeded in stealing acoustic codes for aircraft carriers and submarines
• Movies ‘The Net’ and ‘Hackers’ released.
• Hackers deface federal web sites.
• Macro viruses appear.
• Kevin Mitnik arrested again for stealing credit card numbers. He is jailed on charges of wire fraud and illegal possession of computer files stolen from Motorola and SUN. He remains in jail for 4 years without trial.
  

1996

• John Deutsh, CIA director, testifies foreign organized crime groups behind hacker attacks against the US private sector.
• US Communications Decency Act (CDA) passed – makes it illegal to transmit indecent/obscene material over Internet.
• Canadian hackers (the ‘Brotherhood’) break into CBC.
• South Korean media reports that North Korean government officials are engaging in efforts to obtain foreign proprietary technology through indirect methods.Bell Research Labs in the US announce they have found a way to counterfeit the electronic money on smart cards.
• The US General Accounting Office reports hackers attempted to break into Defense Dept. computer files 250,000 times in 1995. About 65% of these attempts were successful.
  

1997

• Freeware tool AOHell is released - allows unskilled hackers (script kiddies) to wreak havoc on America Online.
• US Supreme court strikes down Communications Decency Act (CDA).
• America On-line (AOL), one of the largest Internet service providers in the US, cuts direct access for its users in Russia due to the high level of fraud.
• The German Chaos Computer Club claims it was able to penetrate Microsoft's Internet software and the financial management program Quicken, and transfer money between accounts without either the account holder or bank realizing the transaction was unauthorized.
• FBI’s National Computer Crimes Squad reports 85% of companies have been hacked, and most never know it.

1998

• Hacking group Cult of the Dead Cow releases a Trojan horse program called Back Orifice at Defcon. Once installed a Windows 9x machine the program allows for unauthorized remote access.
• Timothy Lloyd is indicted for planting a logic bomb on the network of Omega Engineering, causing millions in damage.
• Hackers alter The New York Times Web site, renaming it HFG (Hacking for Girlies).
• During heightened tensions in the Persian Gulf, hackers break-in to unclassified Pentagon computers and steal software programs.
• Information Security publishes its first annual Industry Survey, finding that nearly three-quarters of organizations suffered a security incident the prior year.
• L0pht testifies to the senate that it could shut down nationwide access to the Internet in less than 30 mins.
  

1999

• The Melissa worm is released and becomes the most costly malware outbreak to date (Mar).
• US Defense Dept. acknowledges 60-80 attacks per day (Mar)
• Kevin Mitnick, detained since 1995 on charges of computer fraud, signs plea agreement (Mar).
• The April 26 CIH virus strikes individual PC users around the world. Less common than Melissa, CIH was intended to overwrite hard drives, erasing everything on them (Apr)
• The US Justice Dept. declines to prosecute former CIA Director John Deutch for keeping 31 secret files on his home computer after he left office in 1996 (Apr)
• David Smith pleads guilty to creating and releasing the Melissa virus. It's one of the first times a person is prosecuted for writing a virus (Dec).

2000:

• Russian cracker attempts to extort $100K from online music retailer CD Universe, threatening to expose thousands of customers' credit card numbers. He posts them on a website after the attempted extortion fails. 
• Barry Schlossberg (aka. Lou Cipher) is successful at extorting 1.4M from CD Universe for services rendered in attempting to catch the Russian hacker. (Jan)
• Denial of Service (DoS) attacks by ‘Mafia Boy’ on eBay, Yahoo! and other popular sites render them temporarily unavailable to their users (and cause those companies significant financial losses) (Feb)
• Activists in Pakistan and the Middle East deface Web sites belonging to the Indian and Israeli govts. to protest oppression in Kashmir and Palestine.
• Hackers break into Microsoft's corporate network and access source code for the latest versions of Windows and Office software.
• A news release issued by Internet Wire, and reported by Bloomberg and other news organizations, causes Emulex stock to plunge from $110 a share to $43 on the NASDAQ exchange in minutes. A former Internet Wire employee, believed to have authored the bogus story, faced charges and is alleged to have pocketed $241,000 short-selling Emulex shares that day (Aug).
• Distributed Denial of Service (DDoS) attacks are launched against : Yahoo, eBay, CNN.com, Amazon.com, Buy.com, ZDNet, E*Trade, etc.
• Pres. Clinton says he doesn't use e-mail to communicate with his daughter Chelsea at college, because he doesn't think the medium is secure.
• The "I Love You" virus spreads quickly by causing copies of itself to be sent to all individuals on the affected computer’s address book (by attaching VBScript executable code to e-mails) (May).
• SANS releases its first "Top 10 Vulnerabilities" list, denoting the most prevalent problems exploited by hackers.
• Kevin Mitnik is released from prison (Jul).
• FBI establishes fake security start-up company in Seattle and lures two Russian citizens to U.S. soil on the pretense of offering them jobs, then arrests them. The Russians are accused of stealing credit card information, attempting to extort money from victims, and defrauding PayPal by using stolen credit cards to generate cash. (Nov)
  

Continues in Section 3 - 2001 -2005...