Академический Документы
Профессиональный Документы
Культура Документы
Definition/Explanation:
Is a standalone malware computer program that
replicates itself in order to spread to other computers. Often,
it uses a computer network to spread itself, relying on
security failures on the target computer to access it. Unlike a
computer virus, it does not need to attach itself to an existing
program. Worms utilize networks to send copies of the
original code to other computers, causing harm by consuming bandwidth or possibly deleting files or
sending documents via email. Worms can also install backdoors on computers. Worms are often confused
with computer viruses; the difference lies in how they spread. Computer worms self-replicate and spread
across networks, exploiting vulnerabilities, automatically; that is, they dont need a cybercriminals
guidance, nor do they need to latch onto another computer program. As such, computer worms pose a
significant threat due to the sheer potential of damage they might cause. A particularly notorious incident
occurred in 1988. A computer worm since named the Morris worm caused hundreds of thousands, if not
millions, of dollars in damage, and its creator was convicted under the Computer Fraud and Abuse Act.
The actual term "worm" was first used in John Brunner's 1975 novel, The Shockwave Rider. In that
novel, Nicholas Haflinger designs and sets off a data-gathering worm in an act of revenge against the
powerful men who run a national electronic information web that induces mass conformity. "You have
the biggest-ever worm loose in the net, and it automatically sabotages any attempt to monitor it... There's
never been a worm with that tough a head or that long a tail!. The U.S. Court of Appeals estimated the
cost of removing the virus from each installation was in the range of $20053,000, and prompting the
formation of the CERT Coordination Center.
Paths to infection:
There are at least 3 different types of computer worms. There are Email Worms, Internet worms,
Network Worms. All these worms have a different path to go through but at the end of the day they are all
worms. First the email worms.
Email Worms
Email worms spread through email messages. Essentially, an
email message with an attachment arrives in a mailbox and when the
user downloads and executes that attachment, the worm creates a new
email message with a copy of itself attached and mails itself to one or
more other email addresses. Some email worms such as Nimda can
run by themselves without any intervention from the user, and may
even infect the computer from the preview pane. Details like the
alleged sender, subject, message, attachment name and file type, payload (if any), and method of finding
email addresses to send itself to can be radically different.
Internet Worms
Internet worms spread directly over the Internet. The worm searches for open ports on the
Internet and sends itself to other systems. Most of the major worms exploit known vulnerabilities to
spread. Some consider these worms to be the only "true" worms, as they require absolutely no user
intervention to spread. Morris, Slammer, CodeRed, Blaster and Sasser are a few examples of prominent
internet worms.
Network Worms
Network worms spread over network shares. Usually a network worm is also an email, Internet or
other type of worm, as it would not spread very far if it were restricted to a local network. Network
worms are designed to cause chaos on a local, regional or even national scale, and on large-scale
networks can spread rapidly over the course of even a few minutes. An example of a network worm is
Bumerang.
There are actually a few more worms, but these three are the most important and most common that are
most likely to happen. Worms are insidious and self-spreading software applications, which can infect
many computers over a network - without human involvement - by using specific security holes to
replicate themselves. The worm scans the network for another machine that has a specific security hole,
and uses it to copy itself to the new machine before replicating from there. Through this method,
computer worms spread much faster than computer viruses.
Computer Worms
Most known computer worms are spread in one of the following ways:
Some worms are spread as network packets. These directly penetrate the computer memory, and the
worm code is then activated. Computer worms can exploit network configuration errors (for example, to
copy themselves onto a fully accessible disk) or exploit loopholes in operating system and application
security. Many worms will use more than one method in order to spread copies via networks.
There are several steps that should be taken for computer worm removal. It is important to
disconnect the computer from the internet and any local area networks before taking any other
actions for worm removal. In order to prevent spreading of the worm, use a non-infected
computer to download any updates or programs required and then installs them on the infected
machine via an external storage device. Once the computer is disconnected:
Disable autorun
Many viruses work by attaching themselves to a drive and automatically installing themselves
on any other media connected to the system.
Surf smart
Many business-class anti-malware applications include browser plug-ins that help protect
against drive-by infections, phishing attacks (in which pages purport to serve one function when in fact
they try to steal personal, financial, or other sensitive information), and similar exploits.
http://www.pctools.com/security-news/what-is-a-computer-worm/
https://en.wikipedia.org/wiki/Computer_worm
http://malware.wikia.com/wiki/Worm
https://usa.kaspersky.com/internet-security-center/threats/computer-viruses-vsworms#.WCnoU3pKXeo
https://www.veracode.com/security/computer-worm
http://blog.trendmicro.com/what-are-worms-and-how-can-i-protect-myself-from-them/
http://www.techrepublic.com/blog/10-things/10-ways-to-avoid-viruses-and-spyware/