The most threatening aspect of computer worms as a type of malware is that they are self-replicating. Where viruses sometimes need to hook up to a specific type of computer program or be actively controlled by a hacker in order to work, worms are so dangerous because they start cloning themselves pretty much the moment they hit your computer. The goal of worms is twofold: first, they seek to exploit known vulnerabilities in an operating system; second, they seek to spread as far as they can, using computer networks, email attachments, file sharing networks, and any number of other methods to move from one computer system to the next.
What Worms Are Used For: An Example
That’s not to say that worms are exactly the mindless cancer of the computer world. On the contrary, these malicious programs do send data back to a control server, and they can be controlled to help hackers achieve specific goals.
For instance, when a website goes down as part of a DDoS (Distributed Denial of Service) attack, the root cause is often a worm that has infected a large number of machines. The hacker who created the worm is then able to create a botnet army with these compromised computers, and can use them to flood a specific target site with huge amounts of traffic or data, essentially killing the bandwidth of the target and resulting in a denial of service for the site.
DDoS attacks are difficult to protect against for website administrators, simply because the attack is coming from so many different sources. All of the machines infected with the worm are essentially part of the attack, making it impossible to block specific IP addresses or even distinguish legitimate traffic from malicious traffic.
Worms in History
One of the most notorious computer worms in history was also one of the first. Written by a graduate student at Cornell University, the worm in question—called the Morris worm—was launched in November 1988, and quickly spread from computer to computer. Like other worms since, the Morris worm operated by exploiting known vulnerabilities in a specific operating system—in this case, Unix. Though originally intended as a harmless technology test, the worm was coded in such a way that it would infect some computer systems more than once, which resulted in computer crashes, denial of service attacks across the Internet, and potentially up to $10 million in damage.
The estimate is that the Morris worm infected about 10% of the computers connected to the Internet at the time. While it’s unlikely that a worm could ever have such a far-reaching impact today—thanks to our knowledge of worms and the cyber-security safeguards that are in place on most computers and networks—it’s still frightening to think of the kind of a damage that a worm could do if it infected 10% of the Internet in 2015.
Worms on Mac OS X
Luckily for Mac users, worms still haven’t really made their way to OS X. In the past few years, we’ve seen a huge increase in the number of trojan horses, keyloggers, and other types of malware that can infect machines running Mac OS X. However, a Google search for “Mac worms” should reveal that there are no major worm infections to worry about on Mac… yet.
According to a Wired article published in August 2015, researchers have created “the first firmware worm that attacks Macs.” What this article essentially proves is that there is nothing about Macs on either a hardware or software level that will prevent worms from infecting OS X computers or spreading from one Mac to the next. A firmware worm hell-bent on attacking Macs could be particularly damaging, since, as the Wired piece notes, fixing the issue would require users to open up their Macs and “electrically reprogram the chip.”
Granted, not all worms would impact a Mac’s firmware. Firmware consists of programs or data that are installed to a system’s read-only memory (ROM), after which they cannot be removed. Many worms, while dangerous and destructive, do not have this level of permanence. Still, the point is that the potential is there for Macs to be hit with a catastrophic worm attack.
So how can you protect yourself from worm infection? Since worms exploit known operating system vulnerabilities, always keeping your Mac fully up-to-date with all updates and security patches should reduce the likelihood of a worm being able to exploit your machine. Beyond updates, just use common sense in using the Internet: don’t open emails or attachments from people you don’t know or don’t trust, don’t use public file sharing networks, don’t click on links that look spammy, and always run firewall and antivirus software on your system.