Even hackers get into the holiday spirit. The Santy worm brought unwelcome gifts in December 2004, and the CHRISTMA EXEC brought a charming ASCII tree to screens in 1987. On December 22, 1988, the Father Christmas worm traveled to NASA — not from the North Pole, but from Switzerland, via DECnet, one of the first peer-to-peer network architectures. DECnet allowed for email, file transfers, and remote log-ons.
Although the Father Christmas worm caused little damage, it greatly increased the awareness of computer security protocol. For instance, the perpetrator behind Father Christmas — whose identity was never uncovered — logged into the DECnet internet from a Swiss university using a username and password that matched. Father Christmas reached NASA’s Space Physics Analysis Network, aka SPAN, and was detected within 10 minutes.
A Christmas crisis is avoided
NASA programmers swiftly intercepted the worm’s source code and devised and deployed a procedural cure using existing operating system functionality. This contained the spread of Father Christmas to approximately 6,000 computer nodes worldwide, very few of which actually executed the worm. The worm itself — a program called HI.COM — was designed to send an electronic Christmas greeting signed by Father Christmas to infected computers.
Had Father Christmas been a more potent piece of malware, connecting to SPAN could have had devastating consequences. SPAN was a network of more than 2,800 NASA, government, private-sector, and university computers in the U.S. and extended to the European Space Agency network.
Photo: vovan / Shutterstock