Robert Tappan Morris claims he only wanted to measure the size of the Internet, but he didn’t count on the speed and power of his program.
He wrote a virus program that would spread to other computers. He made the program smart; before it infected a new system, it would actually check and see if there was already an active copy running there.
Unfortunately, at the same time, he made it stupid. It would be really easy to prevent the spread of the program just by telling all of the computers on the network to always answer “yes” when the virus checked. So, Morris programmed it to install another copy of itself fourteen percent of the time.
The main part of the program was designed to hack into known Unix weaknesses, like the Finger bug and Sendmail.
On November 2, 1998, Morris released his creation from a computer at MIT (to hide the fact that the virus was created at Cornell). Within hours, the Internet had slowed to a crawl.
Morris hadn’t counted on the speed of the program. Fourteen percent is a small number in human terms, but a huge number in microseconds. Infected computers were spending every available bit of power into hunting for more computers to infect. Some estimates say that the worm hit over six thousand computers, and the government claims damages of at least ten million dollars.
The Internet Worm was quite probably the first computer virus to spread across the Internet, and the first one noticed by the mainstream. It forced many computer experts to rethink computer security and the nature of the Internet, and we’re still learning the same lessons today.
Robert Tappan Morris was sentenced to probation and a fine, and today he is an associate professor at MIT, the college he released the Internet Worm from.