A computer worm is a type of malware program that aims to infect other computers while still operating on the infected system.
Computer worms are self-replicating malware to spread to computers that are not or have not been infected. Worms often use automated parts and are invisible to operating system users. Usually, users become aware of a worm when its replication is out of control. Consumes system resources, slows down or stops other tasks.
How do computer worms spread?
Computer worms spread without user interaction. All it takes is a computer worm to work on an infected system. Before networking became widespread, computer worms spread through infected storage media, such as floppy disks. And when installed on a system, it will infect other storage devices connected to the system. USB is still a popular vector for computer worms.
How computer worms work
Computer worms often rely on activities and vulnerabilities in network protocols to propagate. For example, the WannaCry ransomware worm. They exploited a vulnerability in the first version of the Server Message Block (SMBv1) resource sharing protocol that was implemented in the Windows operating system. After operating on a newly infected computer, the WannaCry malware begins a search for new potential victims on the network. The system responds to SMBv1 requests made by this worm. Worms can continue to spread within an organization in this way. When someone carrying their own device (BYOD) is infected, the worm can spread to other networks, giving ‘bad guy’ more access.
The email worm works by creating and sending outgoing messages to all addresses in the user’s contact list. The message includes a malicious executable that infects a new system when the recipient opens it. Successful email worms often incorporate social engineering methods to prompt users to open attachments.
Stuxnet, one of the most famous computer worms to date. Includes worm components that spread malware via sharing infected USB devices, as well as system-targeted malware. Surveillance control and data acquisition (SCADA), widely used in industrial environments, including electric utilities, water services, wastewater treatment plants, and many others. Pure computer worms spread themselves from infected systems to uninfected systems. So it is difficult to minimize the possibility of damage from the computer worm.
Infected systems may become unavailable or unreliable as a result of the spread of the worm. And computer worms are also known to disrupt networks by saturating network links with malicious traffic.
Types of computer worms
There are several types of malicious computer worms:
A computer virus or hybrid worm is a subset of malware that spreads like a worm. But it also changes program code like a virus – or carries some kind of malicious payload, like a virus, ransomware, or some other type of malware.
Worm bots can be used to infect computers and turn them into zombies or bots, with the aim of using them in coordinated attacks via botnets.
The IM worm spreads via instant messaging services and takes advantage of access to the contact list on the victim’s computer.
Email worms are often distributed as malicious executable files attached to what appear to be ordinary email messages.
Finally, there are types of computer worms that are designed to spread throughout a network with the aim of providing patches for known security holes. Although this worm has been described and discussed in academia, real life examples have not been found. Most likely due to its potential to cause unintended damage to the unexpected response system. With such software, the greater the ability to eliminate vulnerabilities. However, the use of any software that modifies the system without the permission of the system owner will subject the publisher to various criminal and civil charges.
How to prevent computer worms
Users should practice good network security measures to protect themselves from computer worm infections. Measures that will help prevent the risk of computer worm infection include:
- Keeps the operating system and all other software updates and patches up to date. This will help reduce the risk of newly discovered vulnerabilities.
- Using a firewall will help reduce the chances of malware entering the system.
- Using anti-virus software will help prevent malware from running.
- Be careful about clicking on attachments, links in emails, or other messaging apps that can expose the system to malware.
- Encrypt your files to protect sensitive data on computers, servers and mobile devices
While some worms aim to do nothing more than spread themselves to new systems. Most worms are associated with viruses, rootkits, or other malware.