Like many great weapons throughout history, the world’s first botnet wasn’t built with malice. It was built with curiosity.
Today, the term botnet is used to describe an army of computers that are under the control of a malicious conquering party. Botnets (shortened from “robot network”) can be used to conduct cyberattacks, spy on users, or send spam.
In Nov. 1988, Cornell University graduate student Robert Morris, then 23-years-old, launched the Internet’s first botnet. In an attempt to gauge the size of the Web, he later claimed, a computer worm exploited vulnerabilities in email, networking, and login software to spread to computers at universities across the United States, such as Berkeley and MIT.
It was a field day for hackers and academics excited to look at something brand new. The Washington Post tells the fascinating story of the “Morris Worm” in a Friday feature worth reading.
Morris’s invention created a media storm that prompted a press conference at MIT for many reporters who had never heard of the Internet, nevermind malware, before.
The total damage was minimal and took only days to clean up.
“The most significant effect of the worm was how it permanently changed the culture of the Internet,” reports the Post’s Timothy Lee.
“Before Morris unleashed his worm, the Internet was like a small town where people thought little of leaving their doors unlocked. Internet security was seen as a mostly theoretical problem, and software vendors treated security flaws as a low priority.”
Morris was the first person convicted of a felony under the Computer Fraud and Abuse Act. He was sentenced to three years of probation, community service and a $10,050 fine.
The son of a National Security Agency scientist, Morris went on to launch Viewaweb, a start-up which eventually sold to Yahoo for $48 million, and then to co-found Y! Combinator, the Silicon Valley startup incubator.
Photo via Christian Cable/Flickr