What is the Morris Worm?
In early November 1988, the first ever network attack on computers connected to the global network took place. Her culprit was Cornell University graduate student Robert Tappan Morris.
The program, written by Robert Morris, had a small dictionary of the most well-known passwords, which provided it with penetration of 10 percent of computers connected to ARPANET. Once on a foreign computer, the program first checked whether the same program was already installed here. If the computer was still “clean”, the program masked its presence in the system, read a file that contained information about users of the “occupied” system, forwarded this information to the author, and then tried to copy itself to other computers “friendly” to this one. The program, as it were, “crawled” from one computer to another. For this, later she received the name “Morris worm,” or even “The Great Worm.” Well, this is by analogy with the epic of J. Tolkien, where such a character was. If everything went smoothly, the student R. Morris would not only become the owner of a database of all users of all computers connected at that time to the global network. Using the “holes” he found in the system, he could modify the already installed programs. And, for example, to become the “ruler of the world”, it is true, computer, controlling the work of any of the 60 thousand computers scattered throughout the United States. Not weak!
However, fortunately for the computer community (and for Morris Jr., as it turned out, too), an error crept into the program written by the student. Morris Worms would only have to infect every computer once. In fact, they began to multiply on each of the infected computers. As a result, on November 2, 1988, at least ten percent of computers connected to the global network “hung up”. The usual way to fix many computer problems, rebooting, did not produce results. Worms from an infected computer did not disappear. After the hypothesis that the Russians were attacking their computer, the system administrators seriously took up the analysis of the trouble, talking with colleagues. Most often by phone. Email was virtually blocked due to computer crashes. In general, subsequent calculations showed that the damage from the Morris worm amounted to more than $ 96 million. The news of a malicious computer program appeared even on the main pages of newspapers in the very last days of the 1988 presidential race! But as it appeared, it disappeared. Too few Americans at that time knew what a computer was. In just two days, the joint efforts of computer experts yielded results. The Morris Worm was discovered and decrypted. It is unlikely that Robert Tappan Morris suffered from megalomania. He did not leave his name in the code. But, having seen what the program he had done, he tried to report on how to deal with it through third parties. And then, apparently, after consulting with his father, who was involved in, among other things, computer security, he went to surrender to the FBI. During interrogations, he firmly insisted that the “worm” was written by him for research purposes, and in no case for sabotage. As a result, when it came to court, he escaped with a relatively lenient sentence: three years probation, 10 thousand fine, 400 hours of community service. Contrary to popular legends, a person caught hacking today is unlikely to find a job in the computer industry, especially in the field of computer security. Similar to how a porn star will not be accepted into Hollywood even for episodic roles. But here R. Morris Jr. was lucky. He became a Ph.D. and made a good career in computers and the Internet. The creator of the first computer worm is still teaching at the Massachusetts Institute of Technology. And how did the appearance of the Morris Worm affect the computer community? Firstly, this society was shocked by the scale of what happened. And secondly, by the fact that one of “ours” did it. Serious security measures have been taken. First of all, system administrators realized the importance of passwords. Getting into the system with a simple key selection has become impossible (or almost impossible). Not only system administrators, but also ordinary administrators reacted. With the knowledge of the US government, the Computer emergency response team (CERT) was created on November 30, 1988. It included the most prominent American experts in the field of computer science and practice. One way or another, this group took part in repelling all more or less large-scale attacks on computers and the global network. Her birthday was proposed to the international community as the International Day for the Protection of Information.