IMPACTFUL VIRUSES IN HISTORY: MORRIS WORM

Megan Poljacik • September 27, 2024

In the history of cybersecurity, few events have had as big an impact as the Morris Worm outbreak in November 1988. Known as one of the first major worms to spread widely across the early internet, the Morris Worm highlighted the weaknesses of connected systems and emphasized the need for strong cybersecurity practices that are still important today.



The Morris Worm was created by Robert Tappan Morris, a graduate student at Cornell University. On November 2, 1988, Morris released the worm onto the internet from a computer at the Massachusetts Institute of Technology. His intention, as he later claimed, was to gauge the size of the internet. However, due to a design flaw, the worm replicated much more aggressively than expected.

Unlike viruses that require a user to execute a file, worms have the unique ability to reproduce themselves across networks without intervention. The Morris Worm exploited known vulnerabilities in Unix-based systems, specifically targeting sendmail, finger, and rsh/rexec processes, all of which control various network communication protocols. Once it infected a system, it would attempt to replicate itself to other machines, leading to a rapid spread that overwhelmed networks and drove systems to a halt. hours, approximately 6,000 machines, accounting for about 10% of the internet at the time, were infected. The worm’s rapid replication caused major slowdowns and system crashes, disrupting machines at universities, military sites, and research facilities. The financial impact of the outbreak was estimated to be between $100,000 and $10 million, a substantial sum in the late 1980s!


Since nothing of this threat type had been seen before, system administrators and researchers scrambled to understand the worm’s code, develop patches, and fix affected systems. The event was certainly eye opening for the computer community and spurred a wider conversation about the need for better security measures across the board. This lead to the creation of the Computer Emergency Response Team (CERT) by DARPA.  


Robert Tappan Morris faced legal repercussions for his actions. In 1990, he was convicted under the Computer Fraud and Abuse Act, becoming the first person prosecuted under this law. He was sentenced to three years of probation, 400 hours of community service, and fined $10,050. Despite this, Morris went on to have a successful career, co-founding the company Y Combinator, which helps start up companies gain funding.



The influence of the Morris Worm goes far beyond its immediate impact. It served as a wake-up call, highlighting the vulnerabilities of connected systems and the potential for widespread disruption. It also proved the importance of responsible coding practices and the need for comprehensive cybersecurity measures.

Uncomplicate IT News Blog

ON PREM VS. SASE: WHICH FIREWALL IS RIGHT FOR YOUR BUSINESS?

By Megan Poljacik March 27, 2025
Three things in life are certain: death, taxes and the persistent threat of cyberattacks. There are many layers of defense in the onion of cyber security, but at the helm is your firewall. Traditionally firewalls have always been the piece of hardware acting as a barrier between your office network and the wilds of the internet. Then in 2020 the way we work was transformed forever by the global pandemic. Nearly a third of the workforce transitioned to remote, leaving offices empty. Many employees continue to work in non-traditional spaces to this day. How can we defend them against cyberattacks if they are outside the protective reach of an on premise firewall? A firewall is a network security device or software that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Think of it as a moat with a bridge and a guard shack that surrounds a castle. The guards and the moat are the firewall, acting as a barrier and between a trusted internal network (the castle) and untrusted external networks (random people trying to get in), helping to prevent unauthorized access to and from the castle while allowing legitimate traffic to pass through. The outside forces have to “check in” with the guards before they can cross the moat and access the castle.

NEW MESSAGING GUIDELINES RELEASED

By Megan Poljacik February 25, 2025
You may have heard recently that the FBI and Cyber Security and Infrastructure Security Agency are recommending cell phone users use end to end encryption when sending text messages. Why are they doing this and how does it affect you and your business? In December of 2024 authorities revealed that Chinese hackers have breached at least 8 major telecom network infrastructures, including those of Verizon and AT&T. Known as Salt Typhoon, the nefarious actors used a “back door” that is used by U.S. foreign intelligence surveillance systems (yes that’s legal wiretapping). Senior officials within the US Government have admitted the hackers have had access since summer of 2024. It appears that they focused heavily on users in the Washington DC area.

IMPACTFUL VIRUSES IN HISTORY: HUMMINGBAD

By Megan Poljacik December 19, 2024
Imagine a virus infecting over 85 million Android phones without anyone catching on. Believe it or not, this really happened in 2016! How could a virus be so easily distributed without human intervention? The HummingBad virus was a persistence rootkit, which is a very smart and nasty virus. It is difficult to find and even more difficult to remove. They embed themselves within the system without the users knowledge and they are designed to hide themselves and their activities, even from security software. A rootkit will take over an infected system on its own, or if it cannot gain root access, it will push a fake update prompt, tricking the user into installing. Once the malware has control of the device, it begins downloading and installing apps, and the lucrative business of conning users begins. The HummingBad virus was designed to click on the ads within the apps to generate advertising revenue. This inflated ad click and view counts, allowing the attackers to earn more revenue without actual user engagement. The malware also promoted and installed additional malicious
More Posts