The Notorious ‘Morris Worm’ Computer Virus: An Introduction

The Computer virus known as the Morris Worm, is a historically significant type of malware, which holds the dubious title as being among the first Worm Virus’ to be used in a Major Cyber Attack. A Self Replicating Program, the Morris Worm, named after its creator Robert Tappan Morris, had infected over ten thousand computer systems, damaging around 10 percent of all computers connected to the internet during November of 1988. The virus was particularly costly, requiring thousands of dollars to restore the data on each machine which it infected.

The Morris Worm was a particularly sophisticated form of computer virus, as it was able to replicate and distribute its own source code. For example, upon entering your computer through email, the Morris Virus would commonly copy and send itself to everyone listen in your address book. Indeed, the terms ‘Virus’ and ‘Worm,’ in an IT context, are generally known to the public as malicious software that infects a user’s computer system. The public is not wrong in this respect, but the terms are often used interchangeably, when in fact, a worm is a distinct type of virus. A virus moves from device to device through infecting one file, and relying on USBs, email attachments or collaboration apps to spread. A worm is self-replicating, and can independently copy and spread itself by hacking certain vulnerabilities of a computer’s system. Therefore, Worms (Which are a type of virus) are much likely to spread at an exponentially rate, compared to traditional viruses.

The Morris Worm was the first computer virus to gain widespread attention from the media and US government, which resulted in the need to implement better systems of Cyber security, specifically giving universal insight into the variety of vulnerabilities of early internet systems, many of them Unix-based systems. Specifically, the worm was known for exploiting certain weaknesses within the ‘debug modes’ of the operating systems which it had infected, taking advantage of their mail sending capabilities so as to rapidly copy itself.

The Worm initiates itself by firstly hiding itself from the user’s computer. This results in the Virus not being visible on the list of running programs. Specifically, this is done by reducing the Worm’s core dump size to 0 bytes, thereby concealing its presence in the event of any kind of crash and subsequent diagnosis of the infected system.  Then, through its random number generator, it is able to lay dormant and store itself for future use.

Although Robert Tappan Morris had no intent to cause the level of damage he did, the amount of destruction that the Morris Worm caused initiated the creation of the newly implemented Computer Fraud and Abuse Act, under which he was convicted. After serving three years’ probation, and having to pay a fine which amounted to approximately $10,0000 USD, he become a MIT Professor and a Dot-Com Millionaire.

Services offered by Logique Digital Indonesia

To improve your company’s website security and application systems, Logique Digital Indonesia is offering penetration testing services. We have an IT security team to help ensure that your website and applications don’t have security holes. Please contact us in order to improve your application or website’s cybersecurity.

Related Posts