What’s Morris Worm?

Print anything with Printful



The Morris worm, created by Robert Morris in 1988, was the first computer malware to spread over the Internet, infecting at least 6,000 computers and causing numerous servers to fail. Morris claimed he didn’t intend harm, but a programming error caused the worm to overload computers. The incident prompted the creation of CERT/CC and Morris became the first person convicted of violating the Computer Fraud and Abuse Act. The damages were estimated at $100 million USD, and Morris received three years probation and a $10,000 USD fine.

The Morris worm was the first computer malware to spread over the Internet. This malicious, self-replicating computer program was written by a Cornell University graduate student named Robert Morris and launched on November 2, 1988. The Morris worm is estimated to have infected at least 6,000 computers and caused numerous servers to fail. The Computer Emergency Response Team Coordination Center (CERT/CC) was created in December 1988 in response to the Morris worm attack. As a result of this incident, Robert Morris became the first person convicted in the United States of violating the Computer Fraud and Abuse Act of 1986.

According to Robert Morris, he didn’t intend to use the program to cause harm to the network, but rather to determine the actual size of the Internet. As a computer science student, Morris was curious as to exactly how far and how fast the worm could proliferate. Morris said the overcompensation in the program’s logic caused the program to infect the same computer numerous times, rendering the device completely unusable. Despite his claims that he caused unintentional damage, Morris was found to have launched the worm from a Massachusetts Institute of Technology computer to hide the fact that it had actually originated at Cornell.

The Morris worm was transformed from a relatively harmless experiment to a malicious network attack by a critical programming error. A worm uses a network such as the Internet to locate other computers connected to the network and download an unauthorized copy of the program onto them. Before a worm downloads a copy of itself onto a computer, it typically checks to see if one already exists. To prevent downloads, a computer can be programmed to falsely claim that a copy of the worm already exists. Morris attempted to circumvent this security measure by having his worm download multiple copies to each computer, and it caused a catastrophic overload.

The Morris worm is believed to have infected at least 10% of all computers connected to the Internet at the time of the incident. The overall effect on computer and Internet security prompted the US Department of Defense to establish a centralized network emergency response method known as CERT/CC. The US Government Accountability Office has estimated the damages of the Morris worm to be $100,000,000 US Dollars (USD). Robert Morris was convicted on federal charges and received three years probation and a $10,000 (USD) fine. He later became an associate professor of computer science at the Massachusetts Institute of Technology.




Protect your devices with Threat Protection by NordVPN


Skip to content