The 1988 Internet Worm was the first major worldwide computer security incident where malware (software that is malicious) propagated throughout the internet. The lessons from that incident are still valid and, surprisingly perhaps, the vulnerabilities identified that allowed the worm to cause such problems are still present in some modern software systems.
The incident was documented in a paper in Communications of the ACM, 'The Internet Worm: Crisis and Aftermath'. by Gene Spafford. (Comm ACM, 32 (6), June 1989 - accessible to ACM Digital Library members)
Use of example: I use the example to supplement a lecture on security and secure systems development.
My slides presenting an overview of the security incident.
This is a detailed analysis of the 1988 Internet Worm incident by researchers at MIT. It was the basis for a published paper on the incident in Communications of the ACM in July 1989.
The Internet archive of the message first reporting the incident
Messages generated as system managers discussed how to handle the worm
A more recent major security incident occurred in 2001 when the 'Code Red' worm struck a large number of Internet servers. This exploited a similar vulnerability (no array bound checking in C resulting in buffer overflow) to that exploited by the original worm.