How curiosity, audacity, and a handful of lines of code led to one of the first malware of history and how this incident marked a before and after in the digital age.
From the early days of computing to the current era of interconnection, cyberattacks have evolved significantly, and one of the most emblematic episodes that marked a turning point in this evolution was the emergence of the ““Morris worm” at the Massachusetts Institute of Technology (MIT) in 1988.
In the 1960s and 1970s, when computers were in their early stages of development, hackers were primarily students and technology enthusiasts seeking to better understand the equipment they worked with.
At that time, acts of intrusion into computer systems were relatively harmless and focused on exploration, but above all learning.
However, as technology advanced and connectivity between computers became a reality, cyberattacks began to take on a darker tone. Acts of sabotage, data theft and, in some cases, cyber espionage emerged as online security threats emerged.
In this context, on November 2, 1988, at MIT, Robert Tappan Morris, a computer science student, only 23 years old, made the decision that would forever change the course of computer security, as well as the perception of Internet.
The famous “Morris worm” and its impact on Internet security
Morris has a bold idea in mind, and that was to measure the size of the web. To make it, had written a program of only 99 lines of code and released it on the ARPANETthe precursor of the global network we know today as the Internet.
However, what the young man did not know at the time was that his creation, nicknamed the Morris worm, would become one of the most significant events in the history of technology. This program was specifically designed to spread through computers connected to the ARPANET.
To do this, he used an ingenious method: asked the computers if they already had a copy of themselves up and running. That is, if the answer was no, the worm was copied to the computer, but if yes, it only duplicated itself and installed an additional copy every seven times.
It should be noted that the intention was to avoid repeated infection of the same computer, but the reality turned out to be very different. The program spread at an alarming speed, exceeding Morris’s expectations and exposing a flaw in his safeguarding logic.
Within hours, PCs around the world were inundated with multiple copies of the wormwhich caused processing overload and ultimately the crash of numerous computers.
The consequences were devastating, as it is estimated that around 10% of computers connected to the Internet at that time experienced problems due to the Morris worm, which was a type malware that replicated itself.
MIT, where the incident originated, was one of the places hardest hit initiallybut this program quickly spread throughout the United States and crossed borders, even reaching Europe and Australia.
The economic cost of this catastrophe was significant, with estimates exceeding several million dollars in damages. Especially at a time when there were around 60,000 computers connected to the Internet.
Initial news pointed to Russian hackers as the main culprits, in the midst of the Cold War. However, investigations revealed that the true and only culprit was an American student.
In this way, Robert Tappan Morris was charged under the Computer Fraud and Abuse Act, for which he was sentenced to three years of probation, 400 hours of community service and a fine of more than $10,000 (9,270 euros).
After the events, in 1990, he continued working in computer security, and is currently a professor at MIT. However, there is no doubt that This event was a historic event that forever changed the history of the Internetsince the attack helped the development of incident detection and response systems.
The evolution of cyber attacks
After the Morris worm incident, cyberattacks continued their evolution. Hackers became more sophisticated, and their motivations diversified. From the theft of personal data to ransomware and attacks directed at large companies, the panorama has become more dangerous, but above all complex.
Nowadays, computer security is a constant concern in the digital world.. Companies and governments invest significant resources in data protection, as well as preventing cyberattacks.
As technology advances in leaps and bounds, the challenges in this area also evolve, and the story of Morris’ program serves as a reminder that vigilance and preparation are essential in this constant change.