MoofLifeHistory of Internet & Social Media
Moment image for Morris Worm Becomes the First Major Internet Security Incident
Floppy disk containing the source code for the Morris Worm, at the Computer History Museum | Source: https://en.wikipedia.org/wiki/Morris_worm | Credit: By Go Card USA, CC BY-SA 2.0, https://commons.wikimedia.org/w/index.php?curid=3959700 | License: https://creativecommons.org/publicdomain/zero/1.0/

Morris Worm Becomes the First Major Internet Security Incident

United States
5 min read
Updated By: History Editorial Network (HEN)
Published: 
the Morris Worm spread across ARPANET-connected systems, becoming the first major internet security incident and the first widely recognized internet worm.The worm was created by Robert Tappan Morris, then a 23-year-old graduate student at Cornell University. It was released from a computer at the Massachusetts Institute of Technology network. Morris later stated that the program was intended to measure the size of the internet by counting connected machines, but a design flaw caused it to spread uncontrollably. The worm exploited vulnerabilities in several Unix-based systems, including weaknesses in the sendmail mail transfer agent, the finger network service, and the use of weak passwords. To ensure propagation, the worm was programmed to reinfect machines even if they were already infected. However, the reinfection rate was too high, causing systems to slow dramatically or become unusable due to resource exhaustion. At the time of the incident, the internet (then primarily composed of ARPANET and connected academic networks) was estimated to include approximately 60,000 computers. Contemporary estimates suggest that about 6,000 machines—roughly 10% of the network—were affected. Universities, research institutions, and government facilities experienced system disruptions, and administrators disconnected affected machines to contain the spread. The financial cost of the incident has been estimated in various reports to range from hundreds of thousands to several million U.S. dollars, reflecting lost productivity and recovery efforts. In 1989, Morris was charged under the U.S. Computer Fraud and Abuse Act of 1986. In 1990, he became the first person convicted under that law. He was sentenced to three years of probation, 400 hours of community service, and a fine of $10,050. The Morris Worm incident prompted the establishment of the Computer Emergency Response Team (CERT) Coordination Center in November 1988 to improve responses to future cybersecurity threats. It remains a documented early example of how software vulnerabilities could disrupt interconnected computer networks. #MorrisWorm #CyberSecurity #InternetHistory #ComputerSecurity #CERT
Primary Reference
Morris worm
Explore the Life Moments of

History of Internet & Social Media

Life Timeline
AI Twin

Related Moments

First Website Goes Live at CERN

01-Aug-1991

Symbolics.com Becomes the First .com Domain Registered

15-Mar-1985