|
Author: Marc Menninger Article source: http://www.selfseo.com/. Used with author's permission.
Robert Tappan Morris was the first person convicted by a jury under the Computer Fraud and Abuse Act of 1986. The story of the worm he created and what happened to him after it was released is a tale of mistakes, infamy, and ultimately the financial and professional success of its author.
Morris was a 23-year-old graduate student at Cornell University in 1988 when he wrote the first Internet worm in 99 lines of C code. According to him, his worm was an experiment to gain access to as many machines as possible. Morris designed the worm to detect the existence of other copies of itself on infected machines and not reinfect those machines. Although he didn't appear to create the worm to be malicious by destroying files or damaging systems, according to comments in his source code he did design it to "break-in" to systems and "steal" passwords. Morris' worm worked by exploiting holes in the debug mode of the Unix sendmail program and in the finger daemon fingerd.
On November 2, 1988, Morris released his worm from MIT to disguise the fact that the author was a Cornell student. Unfortunately for Morris, his worm had a bug and the part that was supposed to not reinfect machines that already harbored the worm didn't work. So systems quickly became infested with dozens of copies of the worm, each trying to break into accounts and replicate more worms. With no free processor cycles, infected systems soon crashed or became completely unresponsive. Rebooting infected systems didn't help. Killing the worm processes by hand was futile because they just kept multiplying. The only solution was to disconnect the systems from the Internet and try to figure out how the worm worked.
Programmers at the University of Berkeley, MIT, and Purdue were actively disassembling copies of the worm. Meanwhile, once he realized the worm was out of control, Morris enlisted the help of a friend at Harvard to stop the contagion. Within a day, the Berkeley and Purdue teams had developed and distributed procedures to slow down the spread of the worm. Also, Morris and his friend sent an anonymous message from Harvard describing how to kill the worm and patch vulnerable systems. Of course, few were able to get the information from either the universities or Morris because they were disconnected from the Internet.
Eventually the word got out and the systems came back online. Within a few days things were mostly back to normal. It is estimated that the Morris worm infected more than 6,000 computers, which in 1988 represented one-tenth of the Internet. Although none of the infected systems were actually damaged and no data was lost, the costs in system downtime and man-hours were estimated at $15 million. Victims of the worm included computers at NASA, some military facilities, several major universities, and medical research facilities.
Writing a buggy worm and releasing it was Morris' second mistake. His first mistake was talking about his worm for months before he released it. The police found him without much effort, especially after he was named in the New York Times as the author.
The fact that his worm had gained unauthorized access to computers of "federal interest" sealed his fate, and in 1990 he was convicted of violating the Computer Fraud and Abuse Act (Title 18). He was sentenced to three years probation, 400 hours of community service, a fine of $10,500, and the costs of his supervision. Ironically, Morris' father, Robert Morris Sr., was a computer security expert with the National Security Agency at the time.
As a direct result of the Morris worm, the CERT Coordination Center (CERT/CC) was established by the Defense Advanced Research Projects Agency (DARPA) in November 1988 to "prevent and respond to such incidents in the future". The CERT/CC is now a major reporting center for Internet security problems.
After the incident, Morris was suspended from Cornell for acting irresponsibly according to a university board of inquiry. Later, Morris would obtain his Ph.D. from Harvard University for his work on modeling and controlling networks with large numbers of competing connections.
In 1995, Morris co-founded a startup called Viaweb with fellow Harvard Ph.D. Paul Graham. Viaweb was a web-based program that allowed users to build stores online. Interestingly, they wrote their code primarily in Lisp, an artificial intelligence language most commonly used at universities. Viaweb was a success, and in 1998, ten years after Morris released his infamous worm, Viaweb was bought by Yahoo! for $49 million. You can still see the application Morris and Graham developed in action as Yahoo! Shopping.
Robert Morris is currently an assistant professor at MIT (apparently they forgave him for launching his worm from their network) and a member of their Laboratory of Computer Science in the Parallel and Distributed Operating Systems group. He teaches a course on Operating System Engineering and has published numerous papers on advanced concepts in computer networking. _____________________________________________________
Marc R. Menninger is a Certified Information Systems Security Professional (CISSP) and is the founder and site administrator for the OpenCSOProject, a knowledge base for security professionals. To download security policies, articles and presentations, click here: Security Officer Forums.
An Honest Commitment To Action Is Key To Your Success
With topics in personal development ranging from goal setting to neuro-linguistic programming (NLP), and many things in between it's no wonder at times we are ...
Cut Off Your Hand!
Did Jesus really mean some of the extreme things that he
said? This article looks at one of the most extreme
commands of Jesus and considers the implications...
Proven Risk Youth Vs At-Risk & High-Risk Youth
In the fields of juvenile justice policy and programming, there are certain terms that are used to describe target populations. In terms of youth who are prone ...
A Fabric Hammock is Comfortable Casual Chic
Hammocks are unique and perfect for alternative seating indoors or out. See how you can use one in your master bedroom or backyard.
The Most Researched Performance Enhancing Nutritional Supplement
Creatine - The most researched performance enhancing nutritional supplement Does creatine supplementation work? The February 2004 issue of the Strength and Con...
Inner Beauty Finding the Source
This is a way to find an inner beauty that transforms. Then it will allow entry into that other room beyond what we call in Ireland "a thin place." It will all...
Auto-Disqualification - When Your Resume Never Reaches the Decision Maker
When applying for a position in today's market, do you ever wonder, "Is my resume really directed to the decision maker?" Are you concerned that your resume n...
Your Marketing Message - Could You Wring More CASH Out Of It With This Ancient Japanese Discipline?
When I was a small boy, my Grandfather was one of the first people to buy a Toyota in our area. It was a rather unremarkable little tin box. Being full of exube...
Going Offshore For Asset Protection
Ideally the primary asset protection advantages of running a business from an international position result in increased profits and security. This article exam...
Stand Out as a Leader, Do 5 Things Better! Number One: Improve the Quality of Your Decision Making!
Our decisions are our brand of fertilizer that enables our results to flourish and amplify with time! Leadership decisions that are considered, socialized and ...
Use Free Articles To Create High Quality Backlinks Part II
The first part has dealt with introductory elements which could provide quality to an article. Yet, there are more to follow with a view to reach the wanted sta...
Digital Photography - More Options, Lower Cost, Great Photos
With a little knowledge and some practice digital photography is a snap. There's no film to buy or process so it saves time and money. Shots can be viewed immed...
The Top Five Health Insurance Plans
Are you undecided on what type of health insurance you need to buy for yourself and/or your family? Here are five popular insurance plans to help you make your...
3 Secrets to a Faster Website
People hate waiting. Yet people persistently want to add the latest and greatest to their website which in turn slows it down a lot. Here are 3 important rules ...
Growing Your Small Business Through Alliances and Joint Ventures
Many Solo Entrepreneurs work from a home office. Our only connections to the outside world are the internet / e-mail and the telephone. Cold calling, "warm" cal...
Dividends
When is a dividend not a dividend?
Backpacking Journals Preserve Your Backpacking Experiences
Backpacking is a great way to escape the rat race and be one with nature. Alas, your backpacking experiences can fade with time. The best way to prevent this is...
Beyond the River: Kabbalahs Guidance for Our Times
Humanity is in a vigorous phase of global challenge. The acceleration of time and the increased energy frequency on the planet are creating volatile change and...
Scrapbooking Ideas for Kids
Many times at auctions, or estate sales, a box of books will turn up a real treasure, like a scrapbook that was kept by someone in their youth and sometimes thr...
Close Kept Secrets to Weight Loss Lesson #4
Express gratitude and be at peace. Watch everything else fall into place, including your weight. Being grateful releases stress and creates calm thereby elimi...
Vision India - 2025 (Expectations of an Ordinary Person)
The way one lyrist has written, "Hum logo ko samajh sako to samjho dilbar jaani; jitna bhi tum samjhoge utni hogi hayerani"
in a nut-shell we Indian's are most ...
What is a Home Loan?
A Home loan is the generic term for a loan.
Choose Your References Wisely!
So, you need to submit employment references. A simple task, right? Sure, you could contact three of your closest friends and ask them to be your references. Th...
The Meaning of Credit Card Numbers
Every digit stands for something specific in the complex system of tracking billions of credit cards across the globe.
|
Print this page