
Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at Sûnnet Beskerming.


20th Anniversary for Poorly Written Network Worms

November 2 marks the 20th anniversary of the Morris Worm, considered the first major network attack on the Internet, and with it 20 years of poorly written, havoc-causing network worms. Although it reached only an estimated 6,000 systems, that still represented 10% of the available systems on the Internet at that time. There is some argument over the exact number of systems compromised and the overall percentage of Internet hosts affected, but the widespread impact of the worm is the most significant outcome.

Not only was it one of the earliest examples of an automated denial of service attack (which came about because the routine that detected whether another copy of the worm was already present had a bug in it), but it also led to the creation of the CERT Coordination Center (CERT/CC), which preceded US-CERT by several years and is meant to be one of the key management centres for Internet-related attacks and problems.

Robert Morris, the worm's creator, was convicted under the Computer Fraud and Abuse Act and was eventually sentenced to probation (3 years), community service (400 hours) and a fine ($10,000). Morris has since joined the academic staff as an Associate Professor at MIT, the institution he used to launch the attack, although he was at Cornell when the worm was originally released.

Whether the worm was designed for malicious use or, as Morris has claimed, to map the Internet, the fact remains that it ended up acting as a malicious worm. The use of vulnerabilities in sendmail, finger and rsh, the use of weak passwords, and the attempt to hide the source of the attack (using a system at MIT rather than at Cornell, where Morris was) would nowadays suggest motives that weren't completely pure. A problem with this line of thought is that it is extremely difficult to identify an outcome from the worm which could be considered beneficial for a malicious attacker.

The mid 80s were an interesting time for Information Security. The first viruses and trojan horses appeared in 1986, so there was a lot of advancement in malicious activity taking place in a very short period of time. Next year marks the 20th anniversary of ransomware, the particularly nasty type of malware that encrypts a victim's content and then demands payment for a decryption key that will restore the content to its original state.

2 November 2008
