Robert Tappan Morris released the first worm on the Internet on 2nd November 1988 at 8:30 PM. At that time, when only around 60,000 computers were connected to the nascent Internet across 17 countries, the malware managed to infiltrate approximately 10 %, infecting around 6.000 computers. Many of the affected systems were rendered unusable or even shut down. Colleges, research centers, hospitals and the military were mainly affected. This event marked a significant milestone in the early history of cybersecurity. This technical review seeks to address four fundamental questions arising from this historic incident:
- How did the Morris worm work?
- What was the payload?
- How was the program identified?
- How did security experts stop the Morris worm?