Don’t Run Another Phish Test Until You Read This
Get Started Book a Demo

Morris Worm

10th February 2020 | Cybrary Morris Worm


The Morris Worm goes down in history as the first worm in existence.  This self repeating computer program that was written by Robert Tappan Morris, a student at Cornell University, and released from MIT on November 2, 1988. According to the creator of the worm, Morris, the intention of the program was to gauge the size of the internet at the time, although it unintentionally caused a Denial of Service (DoS) for nearly 10% of the 60,000 machines connected to the internet at the time. 

The program created by Robert Morris created a bit of a stir, resulting in a Supreme Court Case. The United States v. Morris (1991) case resulted in Morris being convicted under the 1986 Computer Fraud and Abuse Act, with Morris receiving a sentence of three years in prison, 400 hours of community service and a $10,000 fine.

As an SMB Owner, what does this mean for me?

The Morris worm was the first self-replicating malicious software witnessed online.  Since then there have been dozens of similar events that costs millions and sometimes billions of dollars in damages.  As a business owner, make sure your company’s cybersecurity program includes the following protections:

  1. You Train your employees have a robust awareness program in place to train on how to spot and avoid email based phishing attacks, social engineering, and many other modern hacker attack methods.
  2. Govern your employees with policies on Information Handling, Acceptable Use of Computers, and Passwords at a minimum.
  3. Have a Risk Assessment performed on your company to understand the potential threats and vulnerabilities you face and then once you decide on a budget, create a remediation plan to begin reducing your risks to an acceptable level.
  4. Test your employees with Phishing attacks at least quarterly and preferably more often.
  5. Ensure you have Technical protections in place to protect you when your training and governance fails you and employees click on a hacker attack.  Antivirus, SPAM filtering, removing Administrator rights to your windows desktops, and deploying a Password Manager are all strong starting activities for low cybersecurity maturity companies.  As you mature you will need to add additional technical solutions to improve your protections.

Related Terms: ILOVEYOU Virus, Melissa Virus, SQL Slammer Virus

Source: Radware

To learn more about the Morris Worm, watch this short video:

Latest Blogs

Stay sharp with the latest security insights

Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.

Why Traditional Phishing Tests Fail — And How the Latest Research Proves It’s Time for a Change
12th August 2025 | Blog

Why Traditional Phishing Tests Fail — And How the Latest Research Proves It’s Time for a Change

For years, organizations have relied on fake email phishing simulations to measure employee resilience to...

Read more
Stopping Token Theft: How Microsoft’s Protections Prevent BEC Attacks
5th August 2025 | Blog

Stopping Token Theft: How Microsoft’s Protections Prevent BEC Attacks

Welcome to our two-part blog series on Microsoft’s new email security enhancement now included in Office 365 P1...

Read more
Why Hackers Love MSPs and What We’re Gonna Do About It
29th July 2025 | Blog

Why Hackers Love MSPs and What We’re Gonna Do About It

"Being an MSP today is like wearing a neon sign that says, ‘Hack me! I’m the gateway to 100...

Read more
Get Started All Posts