A computer worm is defined as a computer program that can copy itself from one network to another. Unlike a virus, it does not need to attach itself to a file to spread. It does not require any user intervention to spread. Worms take advantage of a hole in an operating system; they can find an unsecured network and manipulate it so they can enter it. Many worms manipulate holes in Microsoft programs. Worms use up bandwidth and slow down, sometimes even shut down computer systems. Even if the worm is not destroying files it can create a “backdoor” which allows for attacks in the future. Some of the common motivations behind those who spread worms are: experimental curiosity, criminal gain, protest and terrorism.
The first widespread worm was The Morris internet worm in 1988. Certain worms target users of popular social networking sites such as the Koobface worm that targets users of Facebook and Myspace. Worms can also affect phones. A recent worm changed iPhone user’s backgrounds to a picture of Rick Astley and a quote saying “ikee is never going to give you up”. This virus affects users who installed SSH on their jail broken iPhone’s but didn’t change the password. Some well known worms include: The CODE RED worm, the Storm worm and the ILOVEYOU worm which affected over 50 million computers and caused an estimated $5.5 billion in damages. "That's just the nature of the beast," Moss said. "It's always easier to attack than defend. It's always easier to destroy than to build. And the nature of our infrastructure is so complicated that it's easier to point out one fatal flaw here or there than it is to rebuild the whole system." - Jeff Moss, the founder of the Black Hat and DEFCON computer hacker conferences References: http://en.wikipedia.org/wiki/Timeline_of_computer_viruses_and_worms www.govtech.com/gt/articles/733241 http://www.icir.org/vern/papers/taxonomy.pdf |