Believe it or not, it was in the 80s when the internet was first hit by a major security attack with the name of “Morris.”

Three decades ago, the internet was hit by its first major security attack. 

Three decades ago, On November at 8:30 p.m., a cyber worm was released out to the Internet from a computer owned by the Massachusetts Institute of Technology. 

This malicious program started to propagate at incredibly high speed and harmed devices on its way. Thinking about it, the world hasn’t been the same since that day.

 

Morris: The First Cyber Worm Attack 

Only 24 hours had passed, when 6,000 computers connected to the internet were hit. These are impressive numbers, by judging that back then, there was only an estimate of 60,000.

A concerned student at the University of California, wrote concerned that day:

“We are currently under attack.”

 

Unfortunately for many others, the student wasn’t the only victim that day. The malicious program infected systems from many other private research centers and prestigious colleges, including Harvard, Princeton, Standford, Johns Hopkins, NASA, and others.

Fun fact: this event occurred one year before the invention of the World Wide Web.

 

Unlike viruses, computer worms as Morris, don’t need a software host. Instead, they’re capable of existing and propagating on their own. 

This one in particular targeted Unix-powered (operating system) computers, but it spread immediately as it hit the surface, thanks to its multiple attack vectors. 

To give you an idea of what happened: Morris exploited a backdoor in the Internet’s electronic mail system. It also made use of a network user’s identifier program.

As soon as it came in, the whole network community started to work together to figure out how Morris worked and what were the ways to remove it from the systems.

It’s important to mention that it didn’t damage or destroy files, but it slowed down vital military and university functions. Emails seemed to be the more affected, being delayed for days. 

Some institutes wiped their systems, while other’s just disconnected them from the network.

Afterward, it was discovered that estimated damages (not exact) got close to $100,000.

While that doesn’t seem too much from today’s standpoint, just take into account that nothing like it had occurred ever before. For that reason, experts became more urgent to know who was responsible for the Morris worm. 

Here’s when a programmer contacted two friends shortly after the attack, admitting he was behind the launch of the worm, and asking to keep the message anonymous. It also included a brief apology and a guide to removing the program.

As you can imagine, this “secret” couldn’t keep for too long, when one of the same friends called The New York Times to explain the truth behind the news splashing the front pages.

While this person tried to not expose the author, he accidentally referred to him by his initials (RTM) in follow-up conversations. Sooner, it was known, confirmed, and publicly reported that Robert Tappan Morris (a 23- year-old Cornell University graduate) was responsible.

He was a computer scientist who graduated from Harvard in 1988. He started to develop the program after being accepted into Cornell that August. 

The FBI launched an investigation right after the incident became public. They began to interview Morris and decrypting his computer files, where plenty of evidence was found.

Even while this occurred “so long ago”, he still had broken the rules (the Computer Fraud and Abuse Act was released in 1986). Morris got indicted and one year later, he was found guilty, also becoming the first person convicted by the CFAA.

He avoided jail time and just faced fines, probation, and 400 hours of community service. 

As you can imagine, this episode impacted the world severely, with the realization of how important – but vulnerable – computers are. People were now more serious about its use.

But this inspired both the good guys and the bad guys. For one side, developers were now taking security as one of the main values to focus on software and hardware.

And a new wave of online assaults also was born from this day.