We are going to start by explaining what a computer worm is, its history, how they work, propagation and more.
What is the computer worm and which was the first
A computer worm We can define it as a malware that replicates to spread to other computers and usually uses a computer network to spread. Its way of acting is taking advantage of security flaws in the target computer to access it.
On the other hand, if we compare it with the way a virus acts, they are very different. Worms usually act almost always causing some damage to the network, such as consuming bandwidth. Instead, viruses almost always corrupt or modify files on a target computer.
It should be noted that many computer worms are designed only to spread, and do not attempt to change the systems they pass through. The main purpose of a computer worm is to spread to as many computers as possible. To achieve this goal, they create copies of themselves on the affected computer and then distribute it through means such as e-mail or P2P programs among others.
As for the distribution of a worm, it has changed a lot since its inception. Cybercriminals initially used physical means to enter a network, such as a floppy disk. Today that technique would still be viable through the use of a USB stick. However, the most common method today would be through the Internet, such as using e-mail, P2P networks, instant messaging services, and more.
As for the first computer worm in history, it was the Morris worm dating back to 1988. Thanks to it, a large part of the existing servers at that time was managed to infect. Its name is due to its creator Robert Tappan Morris who had to answer judicially and was convicted for his actions. From here, there was a before and after as the dangers that it could cause were seen. Thus, a short time later, security companies such as Nirdesteam were among the first to develop the firewall.
Some famous computer worms
The Morris worm we have already talked about is famous because it was the first to wreak havoc. Now we are going to talk briefly about three others that caused a sensation at the time and that had a great impact. Perhaps some of them sound familiar to you.
The first one we are going to talk about is the computer worm ILOVEYOU. It was so called because it was spread by e-mail with a message with that name. It appeared in 2000 in the Philippines and quickly spread globally. This worm was designed to randomly overwrite files on its victims’ computers. Then, from the source computer, he would e-mail copies of himself with Microsoft Outlook using the contacts in the address book. It caused multimillion-dollar losses around the world.
Another also very famous was SQL Slammer which was a brute-force Internet worm that spread in 2003. To achieve its objectives, it attacked a vulnerability in Microsoft SQL Server for Windows 2000. What it did was generate random IP addresses and send copies of itself. In the event that the receiving computer had an unpatched version of SQL Server, it would enter and start up. The danger it had is that it turned infected computers into botnets and then carried out DDoS attacks.
More recently in 2017 we have the computer worm WannaCry. In this case, it was also an example of ransomware integration. Thus, after spreading, it encrypted the files of its victims and then asked for a ransom payment to be able to recover them.
How a computer worm spreads
A computer worm usually spreads through one of the following tactics:
- By sending emails with attachments.
- With a link to a web or FTP resource.
- Through a shared file on P2P networks.
- By sending an ICQ or IRC message that contains a link.
- Through physical means such as a USB memory that is inserted directly into a computer.
This is a threat that we must take seriously. The reason is that they are becoming more dangerous, complex and harmful. An example is WannaCry that we talked about before and that ended up encrypting the files. Then came the note with the ransom to pay. Another factor to take into account is that a worm often uses social engineering techniques to achieve greater spread. For this reason, the creators of a computer worm choose an attractive theme or name with which to disguise this malicious software.
What are the symptoms that we can have computer worms?
A computer worm usually acts discreetly and tries to be as inconspicuous as possible. However, there comes a time when we can observe a series of symptoms that may indicate that something is not right.
One of the most typical is that we see that our computer slows down or crashes. This happens when you consume too many resources and are unable to carry out your usual activity. Another may be when we observe that we are running out of free space on the hard disk. It may also be that let’s see that our computer behaves erratically and strangely. Then we see strange alerts and new or missing files. In case that our contacts mention that we have sent you strange and unusual messages. Perhaps it could be a computer e-mail worm that is sending messages to our acquaintances.
How we can prevent computer worms
There are two very important things we can do to avoid a computer worm. One of them is to use the common sense and another is have the software updated.
An important issue is that the worms are going to take advantage of the obsolete software to access our computer. Therefore, to avoid it we need to have updated:
- The operating system.
- An antivirus, and if possible, antimalware software.
- Programs and applications.
Another important thing is never open email attachments from strangers. Also, another good practice is don’t click strange links, use common sense and hover over it we often see that the URL is suspicious. You also have to use strong passwords and enable multi-factor authentication, if it’s posible. Finally, if you follow all these tips you can prevent a computer worm from infecting your computer.