Back in 1988, the internet was a much smaller and friendlier place. No more than 100,000 computers were online, and no one considered the need for precautions like firewalls. In this week’s Tech Time Warp, we will see where that all changed.
That all changed the evening of Nov. 2, when online traffic stalled due to a rapidly propagating worm. The Morris worm was the work of a 23-year-old Cornell University graduate student named Robert Tappan Morris, and by all reports, the worm was a side project that simply got out of hand. The FBI reports that within 24 hours of the worm’s release, 10 percent of all computers connected to the internet had been infected, including machines at Harvard, Princeton, Johns Hopkins, Stanford and NASA.
An early cybersecurity incident
The Morris worm targeted the Unix operating system using multiple vectors. This included an email backdoor, a bug in a “finger program” and sloppy, easy-to-guess passwords (evidently a problem throughout the entire lifespan of the internet). When Morris realized what was happening, he panicked and contacted two friends, asking them to post an apology message and worm removal instructions online. The bulletin board message read: “There may be a virus loose on the Internet. Here is the gist of a message I got: I’m sorry.” It was a classic example of too little, too late. Many network computers had been affected that few people saw the apology or the removal instructions. One of Morris’ friends called The New York Times and referred to Morris by his initials, RTM, which gave the reporter enough information to identify the worm’s creator.
Morris was the first person convicted under the 1986 Computer Fraud and Abuse Act. He was not sentenced to jail time but did receive a fine, probation and 400 hours of community service. Morris has gone on to lead a quiet life as an MIT professor.
Did you enjoy this installation of SmarterMSP’s Tech Time Warp? Check out others here.
Photo: Grand Warszawski / Shutterstock
