A student wrote a tiny program to measure the internet, and accidentally crashed a tenth of it

In November 1988, the young internet seized up. Computers at universities, laboratories and even NASA slowed to a crawl and then froze, with no obvious cause. The culprit turned out to be a single small program written by a curious graduate student who never meant to do any harm. The Morris worm was the first time the internet was brought to its knees.

Across the early internet, screens filled with errors as machines ground to a halt. Illustration: Watts & Wild.

Today we take it for granted that the internet is under constant attack, defended by whole industries of security experts. None of that existed in 1988, when the network was a small, trusting place shared mostly by researchers, and the Morris worm exposed just how fragile that trust really was.

What makes the story so memorable is not malice but accident, and the unlikely path its young author took afterwards.

What the Morris worm did

On the night of 2 November 1988, the program was let loose, and it spread with frightening speed from one computer to the next. Within about a day the Morris worm had disabled roughly a tenth of all the computers then connected to the internet, including machines at major universities, research labs and NASA.

It moved by slipping through known weaknesses in the Unix systems that ran the early network, copying itself onto each new machine it reached and then using that machine to look for more. There was no ransom demand and no destruction of files. The damage came simply from the worm running wild, multiplying so fast that it choked the computers it infected until they could do nothing else.

A small program with a big bug

The person behind it was Robert Tappan Morris, a 23-year-old graduate student at Cornell. By his own account, he was not trying to cause chaos but to measure something: how big the internet actually was. Morris meant his program to quietly count the machines on the network, but a flaw in how it avoided detection made it reinfect computers over and over, multiplying out of control.

To hide where it had come from, he launched it not from Cornell but through a computer at MIT, a detail that would later matter. The result of that one design mistake was the opposite of quiet. Instead of taking a discreet census of the internet, his worm crippled it, and the network's small community of operators spent frantic days working out how to stop the thing and clean it off their systems.

The first cybercrime conviction

The fallout was historic. The panic led directly to the creation of the first organised computer emergency response team, the model for the security outfits that guard networks today. Morris became the first person ever convicted under the United States Computer Fraud and Abuse Act, the law that still underpins much of how computer crime is prosecuted.

He was sentenced not to prison but to probation, hundreds of hours of community service and a fine. There was a sharp irony in the case, too: his own father was a renowned computer-security expert who worked at the heart of the American government's code and security establishment. The son's accidental worm became one of the most studied events in the early history of internet security.

What was the Morris worm?

In simple terms, it was the internet's first great accident. The Morris worm proved that a single piece of self-copying code could leap across the whole network and bring it down, a danger almost no one had taken seriously until that night.

It marked the end of the internet's age of innocence. Before the worm, security on the network was an afterthought, built on the assumption that everyone connected to it could be trusted. Afterwards, that assumption was gone for good, and the long arms race between attackers and defenders that still rages today had quietly begun.

What happened to Robert Morris?

His story has one of the most surprising endings in technology. Rather than being ruined by his youthful disaster, he rebuilt his reputation completely. Robert Morris went on to earn a doctorate, become a professor at MIT, and help found Y Combinator, one of the most influential startup incubators in the world.

One honest note keeps the tale fair. The worm was never meant to be malicious, and it destroyed no data on purpose; the harm came from a careless bug rather than bad intent, which is part of why the courts were relatively lenient. That a clumsy mistake could both crash the early internet and launch a brilliant career is a reminder that in computing, as in life, the line between catastrophe and lesson can be very thin.

One careless program froze a tenth of the internet and ended its age of innocence, yet barely harmed the career of the student who wrote it. When does a costly mistake deserve forgiveness, and when should it follow someone for life? Tell us what you think in the comments.

Related reading: the Trojan Room coffee pot, the world's first webcam, from the same early days of the internet, or the Phantom of Heilbronn, the serial killer who turned out to be a contaminated cotton swab.

More from Watts & Wild

The first webcam watched a coffee pot The demo that saw the future in 1968 The film star who helped invent WiFi The man who lit the world for pennies

More in Science & Tech →