The computer worm, a threat that crawls... and strikes fast!

One of the most insidious cyber threats is the computer worm. It infiltrates, replicates and wreaks havoc on computer systems. 🪱

What is its modus operandi? How can you protect yourself? We've put together a comprehensive guide, including security measures, to tell you everything you need to know about the computer worm, the threat that crawls up and strikes fast!

See all software Computer Security

Definition of a computer worm

What is a computer worm?

In practical terms, a computer worm is malware whose main characteristic is that it replicates itself autonomously and ultra-fast. Once introduced into a computer, it spreads throughout the system without the need for any external action.

To gain a foothold, the worm exploits vulnerabilities in mailboxes, instant messaging systems, file-sharing networks and the Internet. It can also be physically embedded in a USB key or other storage medium.

Hackers use worms to install backdoors, steal data, deploy other types of malware and generally damage systems.

Signs of a worm

Detecting a computer worm can be a complex task, as its actions are so discreet. 🥷 However, several characteristic signs should alert you:

• Noticeable slowdowns in your system,

• Inexplicable use of your disk space,

• Unusual behaviour of a program,

• Unusual message received from one of your contacts.

The different types of computer worm

• Internet worms: These spread through systems connected to the Internet by exploiting vulnerabilities in web browsers and web-enabled software.

• E-mail worms: They spread when the recipient opens an infected attachment or clicks on a corrupted link.

• File-sharing worms: Embedded in files or folders, they spread in peer-to-peer (P2P) mode to infect other systems when they are shared.

• Instant messaging worms: These infect workstations via booby-trapped links sent over messaging services such as WhatsApp.

• Removable media worms: Copied onto USB sticks or external hard drives, they infect new computers when the media is plugged in.

Computer worm infection: possible consequences

Initially, worms had no objective other than to reproduce ad infinitum. They were created by hackers to expose computer flaws, prove their skills or simply have fun.

Unfortunately, over time, hackers realised that they could also use worms to plant malware in a computer system.

The technique? Insert malicious code into the worm (payload) so that it opens a backdoor in the device. The hacker can then :

• 🏴‍☠️ take control of the computer,
• 🏴‍☠️ harvest sensitive data,
• 🏴‍☠️ encrypt files to install ransomware, etc.

Worms can also be responsible for network saturation due to their propagation and damage to certain files.

For the companies affected, the financial cost can be very high (loss of data, clean-up costs), not to mention damage to reputation.

What is the difference between a virus and a worm?

A virus is a type of malware attached to an existing file or programme. To run and spread, it requires external human action.

This is not the case with worms, and this is what makes them so different from viruses. The worm is autonomous, reproducing and propagating on its own, without the need for a host file or outside intervention.

Worms are also faster, and can infect thousands of connected computers in a very short space of time.

Let's take an example. In 2005, the Samy worm infected over a million users of MySpace in just 20 hours.

Historical examples of computer worms

The first recognised computer worm was Creeper. In the 1970s, it spread on the forerunner of the Internet (ARPANET) at the instigation of its creator, Bob Thomas. Wanting to test the security of his network, Thomas developed a programme capable of reproducing itself autonomously. He then distributed it on the network, where it did far more damage than expected.

In 1988, student Robert T. Morris wanted to count the number of Internet users at the time (around 60,000 computers) by propagating a programme. Unfortunately, due to a programming error, the programme caused major damage to the network. Universities, military installations and more than 10% of the Internet network at the time saw their systems saturated.

Since then, many other worms have risen to fame:

• ILOVEYOU worm: in 2000, this worm disguised as a love letter infected more than 10 million Windows computers worldwide.

• Mydoom worm: it spread very quickly and caused damage estimated at nearly 40 billion dollars for 50 million infected computers.

• Sasser: the worm infected more than 2 million computers in 2004, causing crashes and reboots on a global scale.

• Stuxnet: a targeted worm which, in 2020, affected and damaged 20% of Iran's nuclear centrifuges.

How does this computer worm work?

1. The worm infiltrates a device via a booby-trapped download, an e-mail, a USB key, etc.

2. The worm activates itself autonomously in the device and carries out the action for which it was designed.

3. Once executed, the worm scans its environment to detect other vulnerable systems.

4. It then copies itself to another machine connected to the same system to execute again.

5. The cycle then starts again on a new device, then another, and so on.

Computer worms: what security measures should be taken?

To combat the spread of computer worms, you need to combine human and technical resources. On the one hand, put in place effective security hygiene based on common sense practices. On the other, improve your security with an arsenal of effective software.

Use high-performance antivirus software

The main line of defence against worms (but also ransomware, spyware and other malware) is, of course, a good antivirus. Don't be satisfied with free software for individuals. As a private or public organisation, you often have to manage sensitive data. So opt for a comprehensive security solution!

💡 Check out our directory of the best antivirus software to choose yours!

Use complex passwords

Worms sometimes use factory credentials to infect devices. Don't take any risks by favouring strong passwords that are difficult to guess and unique. With this simple habit, you can considerably increase the protection of your systems.

Updating your software

Worms are looking for the slightest loophole to get in. Obsolete software is one of their favourite entry points.

👉 To avoid this risk, update your day one programmes and operating systems. That way, you benefit directly from security patches adapted to new threats.

Don't click on "suspicious" ads and links

This type of advice may seem obvious, but you wouldn't believe the number of viruses that infiltrate your computer in this way... To reduce the risks of this type as much as possible, use an ad blocker. At the same time, train your teams in good Internet browsing practices to avoid dangerous domain names.

Don't open attachments that look suspicious

When you receive a suspicious e-mail, even if it comes from a trusted contact, don 't open the attachment. If in doubt, contact your IT department or IT manager to clarify the situation. 🕵️

Deactivate automatic execution

When a USB key is plugged in, some systems launch the files on the storage device directly. Disable this function to prevent malicious software from executing. This gives your staff time to analyse the files in depth before installing them.

IT solutions against worms

An active firewall for network protection

The firewall is the basic protection against worm invasions from the net. It filters incoming and outgoing traffic and acts as a barrier between your internal network and the Internet.

Anti-malware (workstations and mobiles)

An anti-virus is no longer enough to deal with cyberthreats. You need to equip your organisation's workstations with comprehensive anti-malware solutions. These suites offer essential functions for detecting and blocking threats before they take hold and spread.

An e-mail filtering system

We recommend that you install filtering software for your corporate mailboxes. Thanks to detection technology based on AI and deep learning, these tools are capable of detecting suspicious signs and blocking threats in real time.

See all software Computer Security

The computer worm in brief

The worm is not a cyberthreat like any other. Even if it is less 'popular' than ransomware or phishing, it is just as dangerous. Imagine, in just a few hours, all your company's central servers could be contaminated and all your data overwritten, because of a lack of vigilance.

So install high-performance security software on your workstations and make your teams aware of IT security. The worm is a threat that knows how to be discreet - that's its greatest strength!