In February 1958, President Dwight D. Eisenhower established ARPA (later DARPA): the American strategic commitment to compete in technological development with the Soviet Union, which had launched the Sputnik 1 satellite in October 1957. For the first time, the conceptual framework for a network of interconnected computers—operating independently of direct human intervention—was proposed under the moniker ARPANET.
The first message was transmitted via ARPANET on 29 October 1969, and within less than a month, the inaugural link between the University of California and Stanford University was successfully established. By March 1970, the network had extended to the East Coast. A year later, 24 interconnected computers were recorded, all of which were situated within academic and research institutions. This figure grew to 213 by 1981, with a new node added approximately every 20 days, eventually reaching a total of 500 connected machines by 1983.
The gradual normalisation of this nascent technology represented a decisive advancement for civil society; however, it concurrently introduced the initial, unforeseen complications. On 2 November 1988, the network faced the infiltration of the first computer programme capable of self-replication. For several hours, 10% of all machines connected to the incipient internet were compromised by what became known as the ‘Morris Worm’, named after its author, Robert Tappan Morris, a student at Cornell University.
Although Morris’s original intent was not destructive, the worm exploited critical vulnerabilities in fundamental remote access services, such as finger and sendmail, on Unix systems. The impact was devastating: elite institutions, including NASA, Harvard, and Stanford, suffered an operational paralysis that compelled numerous organisations to disconnect from the network, thereby fragmenting ARPANET and exacerbating the collapse for several days. Contemporary television coverage reported the news with profound concern, with bulletins opening with the following headline: ‘Life in the modern world has a new worry. Now that we have become totally dependent on the computer, we are now beset by saboteurs who create computer viruses.’
This incident marked a watershed moment in the vulnerability of state-sponsored infrastructure. Faced with the exposed weakness, the United States government formalised the creation of the CERT (Computer Emergency Response Team), laying the foundations for cybersecurity as both an academic and professional discipline. Robert Tappan Morris was subsequently convicted in the Federal Court of Syracuse, New York, and sentenced to three years of probation, 400 hours of community service, and a fine of $10,050 for violating the Computer Fraud and Abuse Act.
Today, the figure of Morris embodies the paradox of the technological ecosystem: following the incident, he not only pursued a distinguished academic career as a tenured professor at the Massachusetts Institute of Technology (MIT) but also established himself as a pivotal figure in Silicon Valley by co-founding Y Combinator. His trajectory illustrates the evolution of an era, transitioning from the naivety of academic experimentation to the professionalisation of digital control.
Three decades after the event, the episode of the Morris Worm endures as a foundational lesson regarding the inherent fragility of innovation left unchecked. In a 2026 where artificial intelligence and total interconnectivity have exponentially multiplied potential attack vectors, the 1988 incident no longer appears as a mere youthful indiscretion, but rather as the first warning of an era in which democratic stability and national security are, inevitably, held hostage by the integrity of our code.
No Comments Yet