Contact Us Today 01642 716680

Morris Worm

Definition: The Morris Worm was one of the first computer worms distributed via the internet, launched on November 2, 1988, by Robert Tappan Morris. It was designed to gauge the size of the internet by exploiting known vulnerabilities in Unix systems.

Although purportedly intended to cause no damage, the Morris Worm had a design flaw that led to it being more aggressive than planned, resulting in denial-of-service conditions as it replicated unchecked and consumed system resources. Estimates suggest that the worm infected approximately 6,000 computers, which was a significant portion of the internet at the time, causing significant disruption and financial cost in terms of lost productivity and system remediation efforts.

The incident brought to light the importance of network security and the potential impact of malware. It led to increased awareness and the development of computer emergency response teams (CERTs). The creator of the worm, Robert Morris, became the first person convicted under the Computer Fraud and Abuse Act in the United States.

Key Characteristics:

  • Replication: The worm was self-replicating, spreading to other machines without user intervention.
  • Exploitation of Multiple Vulnerabilities: Utilised several known vulnerabilities to infect systems.
  • Accidental Denial of Service: Unintended consequence of aggressive replication consuming system resources.
  • Historical Significance: Marked a turning point in awareness and handling of network security threats.


  • Real-World Example: Upon release, the Morris Worm caused certain Unix-based systems connected to the internet to become unusable due to overwhelming resource consumption.
  • Hypothetical Scenario: Imagine a similar situation wherein a well-intentioned researcher creates a worm to map the spread of an application across a network, but due to a coding error, it spirals out of control, causing widespread system crashes.

Related Terms:

  • Computer Worm: A type of malware that is self-replicating and can spread autonomously from system to system.
  • Denial of Service (DoS): An attack that renders a network or machine unavailable by disrupting services.
  • CERT (Computer Emergency Response Team): An organisation that handles computer security incidents.

What is the OWASP Top 10: Download our flash cards to find out.

Inside you will find a description of the most common web vulnerabilities.

Contact us

Get a free, no obligation quote from one of our expert staff.