Computer Worms: What They Are and How to Stop Them
CREDIT: Albert Ziganshin/Shutterstock.com
Computers linked to a network are vulnerable to different forms of malware, among which are network worms — small software applications that independently reproduce themselves and travel across network connections.
A worm typically does not infect computer files, but instead copies itself to a folder or directory on a remote machine. It is different from a computer virus, which needs to infect a host file and is not a stand-alone program.
There are several different types of computer worms. Email worms, such as the ILOVEYOU worm of May 2000, spread via email attachments or embedded links and activate when the attachments are opened or the links clicked. New emails are generated by the worm and sent to addresses in the infected computer's address list.
Instant-messaging worms spread through messaging services by sharing Web links or files with addresses on contact lists. Similarly, Internet Relay Chat worms can attack users on chat channels by sending out links or infected files.
Another type of worm, known as an Internet worm, hops onto a local network and from there tries to escape to the full Internet to search for unprotected machines. Both the oldest known worm, the Morris worm of 1988, and the most pernicious, the Conficker worm that first appeared in 2008, are Internet worms.
File-sharing worms arose with the rapid adoption of peer-to-peer file-sharing networks after the centralized file-sharing network Napster was shut down in 2001. They disguised themselves with innocuous names, but would rapidly copy themselves from one shared directory to another.
What they do
Once they're in your machine, malicious worms will often try to install a "backdoor" to enable the installation of more malware. In such instances, the worm is only the beachhead of a larger malware invasion.
For example, variants of Conficker installed botnet herders that grouped infected machines together for criminal purposes, such as pumping out spam or flooding targeted Web servers with useless data. Other worms may install "scareware" that tricks victims into paying for fake anti-virus products, or banking Trojans that hijack online banking sessions.
Worms are not always created with malicious intent, but even benign worms can clog networks as they spread and reproduce themselves.
How to protect yourself
Three basic steps should protect most users against most computer worms. First, a computer's user accounts should be set so that day-to-day use is run as a "limited" user who cannot automatically install software. Administrative accounts with full installation rights should be used only to install, modify or delete software.
Second, all network firewalls, whether in a computer or on a network, should be turned on to limit unauthorized network activity, and the computer's operating system should be set to automatically install system updates.
Third, robust anti-virus software should be installed and set to automatically update and scan. Free anti-virus software will do the job, but paid products add important features such as download and attachment scans and malicious website screening.