4 of 10Image
3. Morris worm (1988)
The first malware to be propagated widely via the internet, the Morris Worm or Great Worm hit around 6,000 of the 60,000 computers on the network in 1988.
Robert Morris (pictured), then a student at Cornell University, maintains that his worm wasn't malicious, but was designed to measure the size of the internet. Others took a different view, as the worm used a batch of security flaws in Unix and was launched surreptitiously.
It was certainly unwelcome, as it was far more aggressive at making copies of itself than it needed to be, often infecting machines multiple times, turning what might have been an easily contained annoyance into a powerful denial-of-service attack. Morris became the first person to be convicted under the 1986 US Computer Fraud and Abuse Act, and the incident led to the formation of the first Computer Emergency Response Team Coordination Center, CERT/CC.
Photo credit: Trevor Blackwell/Wikipedia
4. Melissa (1999)
Named after a lapdancer and released in a document posted to the alt.sex Usenet newsgroup, Melissa had a salacious start in life. Users who opened the document, eager to read the 80 passwords to porn sites promised within, found that the document immediately forwarded itself to the first 50 people in their address book. Which could take a whole lot of 'splainin.
The virus created so much email that many companies had to turn off their internet gateway to regain control of their systems. As a result, the writer — a 30-year-old man called David Smith — got a 20-month prison sentence, despite helping the FBI track down and nab other virus writers.
Photo credit: JR Whipple
ILOVE YOU Love Bug
5. ILOVEYOU (2000)
The ILOVEYOU worm was a devastatingly fast-spreading and effective combo of social engineering and Windows design flaw exploitation. The cost of clean-up and lost work due to the worm, also known as the Love Bug, is thought to total between $5bn and $10bn.
The worm was the work of two Filipino students who were caught, but the case was dropped because there was no applicable law at the time. ILOVEYOU used Microsoft's Visual Basic Scripting (VBS) to forward itself to the contents of the host's Outlook address book. It also overwrote files with copies of itself and tweaked the Windows registry.
It spread around 15 times faster than Melissa, according to the US Army. With at least 50 million computers infected and many large organisations having to shut off internet access, ILOVEYOU highlighted the vulnerabilities within Windows and sparked off large amounts of criticism and me-too infections.
Photo credit: F-Secure