Robert Tappan Morris and the Crime Behind the First Internet Virus.
On the evening of November 2, 1988, around 8:30 p.m., a cleverly crafted malicious program was released onto the Internet from a computer at the Massachusetts Institute of Technology (MIT).
What was the First Internet Virus?
This cyber worm quickly began to spread at an astonishing rate, causing computers to freeze up. A worried student from the University of California, Berkeley, sent an email that night stating, “We are currently under attack.” Within just 24 hours, it was estimated that around 6,000 of the roughly 60,000 computers connected to the Internet at that time had been affected. Unlike viruses, computer worms can operate and spread independently without needing a software host.
Latest: DB Cooper Mystery After 53 Years - New Clues May Solve Case
Berkeley wasn’t the only institution impacted. The rogue program infiltrated systems at several prestigious universities and research centers that formed the early national electronic network, a year before the World Wide Web was created. Notable casualties included Harvard, Princeton, Stanford, Johns Hopkins, NASA, and the Lawrence Livermore National Laboratory. The worm specifically targeted computers running a certain version of the Unix operating system, but its ability to spread was enhanced by various attack methods.
System Flaw
It took advantage of a backdoor in the Internet’s email system and a flaw in the “finger” program that identified network users. Additionally, it was designed to remain undetected. While the worm didn’t damage or erase files, it still had significant effects. Essential military and university operations slowed dramatically, and emails were delayed for days. The network community worked hard to understand how the worm functioned and how to eliminate it. Some institutions opted to wipe their systems clean, while others disconnected their computers from the network for up to a week. Although it was challenging to determine the exact damages, initial estimates began at $100,000 and quickly escalated into the millions.
As computer specialists raced to find a solution, the issue of accountability became increasingly pressing. Shortly after the incident, a troubled programmer reached out to two friends, confessing that he had unleashed the worm and was distraught over how wildly it had spiraled out of control. He requested one friend to send an anonymous message online on his behalf, offering a brief apology and instructions for removing the malicious program.
Unfortunately, due to the extensive damage caused by the worm, very few people received the message in time. Meanwhile, the other friend made an anonymous call to The New York Times, which would soon feature the attack prominently on its front page. He informed a reporter that he knew the identity of the program's creator, explaining that it was intended as a harmless experiment and that its rapid spread was due to a coding mistake. In subsequent discussions with the reporter, he inadvertently mentioned the worm's creator by his initials, RTM.
This information allowed The Times to quickly verify and publicly disclose that the individual responsible was a 23-year-old graduate student from Cornell University named Robert Tappan Morris. Morris was a skilled computer scientist who had graduated from Harvard in June 1988. Growing up, he was surrounded by computers, thanks to his father, an early innovator at Bell Labs. At Harvard, he gained a reputation for his technical skills, particularly in Unix, and was also known for his playful antics. After being accepted into Cornell that August, he began working on a program designed to spread slowly and stealthily across the Internet.
Latest: 900 Days Without Anabel: The Tale of Spain’s Longest Missing Persons Case
To conceal his identity, he launched it by hacking into an MIT computer from his Cornell terminal in Ithaca, New York. Once the incident became public knowledge, the FBI initiated an investigation. Agents quickly established that Morris was the perpetrator and began interviewing him and his associates while decrypting his computer files, which provided a wealth of incriminating evidence.
Was Morris in violation of federal law?
It turns out he was. In 1986, Congress enacted the Computer Fraud and Abuse Act, which prohibited unauthorized access to protected computers. Morris was indicted by prosecutors in 1989, and the following year, a jury convicted him, making him the first individual found guilty under this new law. However, instead of serving time in prison, Morris received a fine, probation, and was required to complete 400 hours of community service.
Robert Tappan Morris
This incident had a significant effect on a nation that was just beginning to understand the importance and vulnerability of computers. The concept of cybersecurity started to gain traction among computer users. For instance, just days after the incident, the first computer emergency response team was established in Pittsburgh under the guidance of the Department of Defense. Additionally, developers began to create essential software for detecting computer intrusions.
At the same time, the Morris Worm sparked a new wave of hackers and a series of Internet-related attacks that still challenge our digital infrastructure today. Whether intentional or not, this first Internet attack served as a crucial wake-up call for the nation and the emerging cyber era.
