The Malicious Replicating Program
Worms are the most common type of malware and have been around for most of the internet’s history. Worms have changed significantly since it first came about in 1988. The main defining feature of this malicious software is that they can replicate and spread without human interaction aside from opening an infected file. We will go over what makes a worm unique, how they spread, and what have been some of worst attacks.
Worms are unique from other forms of malware for a variety of reasons. They can replicate without human interaction and these clones then spread through a network to infect other computers. This spread can occur extremely quickly by infecting millions of computes in only a few days. While worms could not affect the computer system directly, it did eat away at bandwidth due to the amount it needed to spread. However due to a worm called Witty, some worms are now able to carry what is known as a payload that is capable of dealing damage to computers files.
Computer Worms have evolved over the years and can now spread through many methods. The most common way for a worm to spread in the early days was through email, but throughout the years now, awareness of malware has gone up and has made emails a less desirable form of transmission. Now the preferred method is through vulnerabilities in a computer’s operating system. These vulnerabilities could include out of date software, innate deficiencies in the operating system, or simply bad passwords. Another increasingly popular method of spreading is through smartphones, due to their popularity and widespread use. These smartphone systems support HTML5 based apps, which is a type of programming language that can have malicious code easily inserted into it.
Now to give some examples of worm attacks that have occurred in the past. Starting off is the Morris Worm.
- This worm was created by Robert Morris in 1988 and its supposed purpose was to gauge the size of the internet. The Morris worm, despite having an innocent goal could infect computers multiple times causing slowdowns and, in some cases, a complete shutdown of computers. (Pictured above...)
- In 2003 a worm called SQL Slammer caused global slowdown of the internet. It infected computers running an out of date version of SQL Server or Desktop Engine. Once a computer was infected, the worm would send itself out on randomly generated IP addresses. This caused massive amounts of traffic that overloaded routers and caused the routers to shut down in some cases. This caused more traffic to flare up exacerbating the issue.
- Worms do not always have to be destructive though… In some cases, they can be used to raise awareness. The WANK (Worms Against Nuclear Killers) released in 1989 was one such worm that never caused damage to infected machines. It was spread as an anti-nuclear protest leading up to the launch of the Galileo space probe. WANK spread through computers via algorithm that would choose computes based on net area.
Computer worms have been around almost as long as the internet and will continue to be a threat as the internet continues. It is imperative to keep computers up to date and to have a reliable anti-virus installed. If you would like to know more about different kinds of Malware check our blogpost over Common Types of Malware or if your interested in our preferred anti-virus, Sophos.
If you would like more peace of mind, apply for a free network risk assessment on you company!