Today in 1988, Robert T. Morris, a computer science graduate student at Cornell University, released a self-replicating computer worm on ARPANET (a predecessor of the internet) and, unwittingly, launched what will become the cybersecurity industry, a $219 billion market in 2023, according to IDC, up from $75 billion in 2015.
The worm was part of a research project meant to determine the size of the internet by infecting UNIX systems in order to count the number of existing connections. Because of a programming error, the worm began infecting machines repeatedly, causing clogged networks and system crashes. It became the first worm to spread extensively “in the wild,” the first worm to receive extensive media coverage, and one of the first programs to exploit a buffer overrun vulnerability.
Morris was dismissed from Cornell, sentenced to three years’ probation and fined $10,000. He eventually became a tenured professor at MIT.