Morris was convicted under CFAA, it's surprising to me that it isn't a "regular" thing to hear about another hacker getting convicted on a daily basis. What are the reasons this doesn't happen? I understand they can hide their identity, etc., but are there even active investigations? Is there a single biggest reason why, like not being able to prove which person caused something to happen?
I don't really like real world analogies for computer systems, but if there was a big line of people in masks knocking at my door and trying 100s of different keys in the lock, 24/7, I'd probably seek some legal remedy rather than just getting more locks.
So basically it's almost certainly a waste of time for law enforcement and they mostly don't bother. If they did, we would see command/control moved inside Tor and it would become even more difficult to track (AFAIK this already happens in the more sophisticated botnets).
The appropriate analogy is probably something like fake check scams. Illegal, but difficult to trace and likely to lead to a dead end.
Oops, I actually jumped topics for the final paragraph and was making an analogy about scanners trying random passwords on a known port, or similar.
When he took off the headset, there was a single tear in his eye, and he was smiling... “We’d like to fund you”
But...I'm sure there would have been another worm or virus (and many others - like there had been) that would have caused the same vigilant info security that we have today.
During that time, viruses were being transmitted without Internet through sharing floppies, and they were widespread.