Jeepers Creepers, The Rise of Digital Forensics Since the 1970s: Part 2, the ARPANET Crash of 1980

09/24/2024

TL;DR

In October 1980, ARPANET, the precursor to today’s Internet, suffered a significant network crash that disrupted communications across the United States. This article highlights an early example of using digital forensics techniques to diagnose the issue, foreshadowing the critical role of forensic analysis in determining whether certain events were due to deliberate misconduct or something less sinister.

Introduction to ARPANET

Around the time that your author also was coming online, the U.S. Department of Defense began funding development of the Advanced Research Projects Agency Network (ARPANET) to enable resource sharing between remote computers. By the early 1970s, several dozen university and government hosts were connected to this early network, and in 1980 the system supported thousands of users.

The ARPANET Crash and Investigation

In October 1980, ARPANET suffered a widespread failure, affecting connected computers nationwide. What followed was one of the earliest examples of a large-scale digital forensic investigation aimed at identifying the root cause of a network disruption. Although available digital forensics tools were rudimentary compared to today’s advanced software, investigative steps included those often used today, such as network log file analysis. By examining network logs and tracing communication patterns, software engineers discovered that the root cause of the crash was not hackers, but rather an endless loop of message retransmissions that overwhelmed and collapsed the network. This early use of forensic analysis helped pinpoint the exact moments of failure and allowed engineers to fix the issue, restoring ARPANET’s functionality.

Takeaway: The Importance of Identifying Whether There Really Is a Bad Actor

Much like early experiments with viruses and anti-viruses in the 1970s detailed in Part 1 of Jeepers Creepers, the ARPANET crash demonstrated that sophisticated experts often are needed to identify and interpret log files in order to piece together whether activity on computer systems was due to potential wrongdoing or more benign causes. For example, although I have been involved in many plaintiff-side cases in which my team and I identified evidence of intentional data theft from log file analysis, we also have seen experienced digital forensic analysts misinterpret such logs. On the defense side, getting an experienced digital forensic expert involved early can help you figure out if there’s an actual fire to extinguish, or if the opposition is just blowing smoke.
