The Creeper and the Reaper make cybersecurity history


“I’M THE CREEPER. CATCH ME IF YOU CAN.”

This eerie message is the equivalent of “hello, world!” in cybersecurity history. In 1971, Bob Thomas, an engineer at BBN Technologies in Cambridge, Massachusetts, developed the first computer worm, dubbed the “Creeper.”

Written for the TENEX operation system, the Creeper traversed the ARPANET, the precursor to the internet. Jumping from computer to computer, the Creeper announced itself with this message and then attempted to print something. But before the printing could take place, the Creeper would jump to another machine on the ARPANET. The Creeper did not erase any files or extract any personal information.

The original Creeper was designed not to replicate itself but rather bounce around. It wasn’t designed with malicious intent; rather, Thomas was developing a resource-sharing capability that would allow users to run applications on another computer experiencing less processing load. “Creeper moved because it could, not because it was advantageous to do so,” explained Thomas’ colleague Ray Tomlinson in a 2014 interview. “It was a demo and wouldn’t be very interesting if it didn’t do anything.”

Creeper leads to the first antivirus

For his part, Tomlinson enhanced Creeper to make it replicate itself rather than just move from machine to machine—and he followed this up with the first antivirus software, the “Reaper,” which was, of course, designed to remove the now-replicating Creeper.

In all, Creeper could have only affected 28 machines, because as Tomlinson pointed out, that’s how many were running the TENEX operating system. Despite the Creeper’s small impact on the machines it touched, the worm launched the world of cybersecurity, making it worthy of remembrance during National Cybersecurity Awareness Month.

Subscribe to SmaterMSP

Photo: Volodymyr Nikitenko / Shutterstock