The “Creeper” virus, written in 1971, is generally considered to be the first recorded cyber attack. It was a self-replicating program written by Bob Thomas, a programmer at BBN Technologies. Thomas was an early developer of the ARPANET, the forerunner of the modern Internet.
The virus was designed as an experiment to see if a self-replicating program could move between computers on a network. “Creeper” moved from one computer to another on the ARPANET, displaying the message “I’M THE CREEPER: CATCH ME IF YOU CAN!”.
Unlike modern malware, “Creeper” was not designed to do damage. Displaying the – admittedly creepy – message was all it was able to do. The program was more of a proof of concept, a playful experiment to demonstrate the potential of computer networks.
“Creeper” wasn’t malicious in the way that modern cyberattacks are, but it marked the beginning of an era in which people began to realize the potential for both good and bad in the interconnection of computer systems. This experiment laid the groundwork for understanding the implications of network security, leading to the development of both malicious software (malware) and defensive measures (antivirus software).
Ray Tomlinson, who is also famous for inventing email, wrote a program called “Reaper” to track down and delete “Creeper”. “Reaper” is sometimes called the first antivirus software.