Acropolis Institute of Technology and Research, Indore

Acropolis Institute of Technology and Research, Indore

Worm
CS504-(A): Cyber Security

Date: 20 Oct 2020

Worm
● A computer worm is a type of malicious software program
whose primary function is to infect other computers while
remaining active on infected systems.
● A computer worm is self-replicating malware that duplicates
itself to spread to uninfected computers.
● Worms often use parts of an operating system that are
automatic and invisible to the user.
● It is common for worms to be noticed only when their
uncontrolled replication consumes system resources,
slowing or halting other tasks.
How computer worms spread ?
● A computer worm infection spreads without user interaction. All that is
necessary is for the computer worm to become active on an infected
system.
● Before widespread use of networks, computer worms were spread through
infected storage media, such as floppy diskettes, which, when mounted on
a system, would infect other storage devices connected to the victim
system. USB drives are still a common vector for computer worms.
● Computer worms often rely on the actions of, and vulnerabilities in,
networking protocols to propagate.
● Email worms work by creating and sending outbound messages to all the
addresses in a user's contacts list. The messages include a malicious
executable file that infects the new system when the recipient opens it.
Successful email worms usually incorporate social engineering methods to
prompt users to open the attached file.
Example
Stuxnet is one of the most notorious computer worms to date,
consists of a worm component for propagation of the
malware through the sharing of infected USB devices, as
well as malware that targets supervisory control and data
acquisition (SCADA) systems.
Types of Worms
● virus or worm hybrid is a piece of malware that spreads like a worm, but
that also modifies program code like a virus -- or else carries some sort
of malicious payload, such as a virus, ransomware or some other type
of malware.
● A bot worm may be used to infect computers and turn them into
zombies or bots, with the intent of using them in coordinated attacks
through botnets.
● Instant messaging, or IM worms propagate through instant messaging
services and exploit access to contact lists on victim computers.
● Email worms are usually spread as malicious executable files attached
to what appear to be ordinary email messages.
Differences between worms and viruses
As defined in the "Security of the Internet" report, released in 1996 by the
CERT Division of the Software Engineering Institute at Carnegie Mellon
University,
“worms are self-replicating programs that spread with no human
intervention after they are started." In contrast, "[v]iruses are also
self-replicating programs, but usually require some action on the part of
the user to spread inadvertently to other programs or systems.”
How to prevent a computer worm
Measures that will help prevent the threat of computer worm infections
include:
● Keeping up to date with operating systems and all other
software patches and updates will help reduce the risk due to newly
discovered vulnerabilities.
● Using firewalls will help reduce access to systems by malicious
software.
● Using antivirus software will help prevent malicious software from
running.
● Being careful not to click on attachments or links in email or other
messaging applications that may expose systems to malicious software.
● Encrypt files to protect sensitive data stored on computers, servers and
mobile devices
Test Your Understanding
1. A worm is a malware:
A. Which can’t be executed independently .
B. Which always needs a host program to be executed.
C. Which can replicate itself.
D. Which cannot be detected.
Worm
Sources:
● Cyber Law Simplified – Vivek Sood, McGraw Hill Education Pvt. Ltd.

Disclaimer- Parts of the content of this course is based on the materials available from the Web sites and books listed above. The
materials that can be accessed from linked sites are not maintained by Acropolis Institute of Technology and we are not responsible
for the contents thereof. All trademarks, service marks, and trade names in this course are the marks of the respective owner(s).
Any Doubts/Questions
Acropolis Institute of Technology and Research, Indore

Thank You

12