In 1988 there was a severe compromise of security. A "worm" was let loose on the internet. A worm, according to John Wavk of the US National Institute of Standards and Technology, is a self replicating program that uses the computer network as a means for adversely affecting the system's integrity, reliability or availability. Its like a virus that spreads over the network. The 1988 worm caused severe disruption but, because of dedicated staff at university computer centres who pooled their resources for a short intense few days, the worm was mostly eradicated within 3 days.

The result of this scare was the knowledge that an Internet security system was vital. The Internet Architecture Board (IAB) and other organisations and societies have issued policy statements which characterise unethical and unacceptable activities on the Internet. These include things like gaining unauthorised access to resource of the Internet or via the Internet, compromising the privacy of individuals or organisations, disrupting the intended use of the Internet, wasting resources and destroying the integrity of computer-based information.

Another direct result of the 1988 worm was the construction of several security response teams. These are groups of experts, usually volunteers, who have been selected for their skills and organised into teams. The co-ordination of these teams is organised by the Internet CERT (Computer Emergency Response Team) at Carnegie Mellon University. Also, any user of the Internet has a responsibility to understand security policies and the procedures of his network site. A set of user guidelines has been drawn up which includes things like, change your password as required and don't write it down, don't leave your terminal logged on unattended, etc.