Internet malware turns 33: What have we learned?

Internet malware turns 33: What have we learned?

ICTpost Governance Bureau

33 years ago, on November 2, 1988, much of the Internet – still very small at the time – crashed. The cause was an immature experiment, turned Frankenstein monster, instigated by a graduate student at Cornell named Robert Morris.

The Morris worm or Internet worm of November 2, 1988 is considered the first worm and was certainly the first to gain significant mainstream media attention.

Everyone realized at the time that computer security was no longer just theory, but something that needed to be taken seriously. That doesn’t mean that people actually went to the trouble of taking it seriously, just that it couldn’t be dismissed as science fiction anymore. DARPA created the Computer Emergency Response Team (CERT) to deal with such incidents in the future. They’re still in business as are CERTs all over the world. US CERT calls itself Computer Emergency Readiness Team now, which I guess is meant to sound more proactive.

Robert Tappan Morris, now a professor at MIT, maintains that he created the worm in an effort to gauge the size of the Internet, but the code replicated itself and spread like a wildfire, ultimately infecting some 6,000 computers, or about 6% of all the computers connected to the Internet at the time.

Morris’s friend and colleague Paul Graham writes that the number was just someone’s wild guess, and that he was there when it happened. The problem is that the solution to the worm was to reboot systems, and this deleted all traces of it. Nobody knew at the time how many hosts were on the Internet or how many wre affected.

Eugene Spafford, one of the first to analyze the Morris Worm, says we haven’t learned from it or other major security breaches since.

When the first major computer virus brought 10 percent of the computers connected to the Internet to a screeching halt 33 years ago, it grabbed national headlines even though it only affected about 6,000 computers. Since then the number of Internet-connected devices has climbed into the billions, but according to the man who analyzed that early computer worm, our security awareness is still stuck about where it was when fewer than 100,000 computers were connected to the Internet.

Based on what people have done since then in terms of security, I don’t think it [the Morris Worm] taught us a lot. said Eugene Spafford, a Purdue University professor of computer science. I don’t think we learned anything from it, and we’re still not learning anything from it.

Courtesy: The Washington Post

editor@ictpost.com

Did you like this? Share it:

Leave a Reply

Your email address will not be published.

2  +  2  =