What are Computer Worms and How Do They Work?

Stressed mature businessman in office
Andy Smith/Cultura/Getty Images

Computer worms are malicious software applications designed to spread via computer networks. Computer worms are one form of malware along with viruses and trojans.

How Computer Worms Work

A person typically installs worms by inadvertently opening an email attachment or message that contains executable scripts. Once installed on a computer, worms spontaneously generate additional email messages containing copies of the worm. They may also open TCP ports to create networks security holes for other applications, and they may attempt to flood the LAN with spurious Denial of Service (DoS) data transmissions.

Famous Internet Worms

The Morris worm appeared in 1988 when a student named Robert Morris created the worm and released it onto the Internet from a university computer network. While initially harmless, the worm quickly began replicating copies of itself onto Internet servers of the day (predating the World Wide Web), eventually causing them to stop working due to exhaustion of resources.

The perceived impact of this attack was greatly magnified due to computer worms being a novel concept to the general public. After being duly punished by the U.S. legal system, Robert Morris eventually re-built his work career and became a professor at the same school (M.I.T.) from which he originated the attack.

Code Red appeared in 2001. It infiltrated hundreds of thousands of systems on the Internet running the Microsoft Internet Information Services (IIS) Web server, changing their default home pages to the infamous phrase

HELLO! Welcome to http://www.worm.com! Hacked By Chinese!

This worm was named after a popular brand of soft drink.

The Nimda worm (named by reversing the letters of the word "admin") also appeared in 2001. It infected Windows computers reachable through the Internet, triggered by the opening of certain emails or Web pages, and caused even more disruption than Code Red earlier that year.

Stuxnet attacked nuclear facilities inside the country of Iran, targeting the specialized hardware systems being used in its industrial networks rather than general Internet servers. Shrouded in claims of international espionage and secrecy, the technology behind Stuxnet appears highly sophisticated yet full details may never be fully made public.

Protecting Against Worms

Being embedded inside everyday network software, computer worms easily penetrate most network firewalls and other network security measures. Antivirus software applications attempt to combat worms as well as viruses; running this software on computers with access to the Internet is recommended.

Microsoft and other operating system vendors regularly release patch updates with fixes designed to protect against worms and other potential security vulnerabilities. Users should regularly update their systems with these patches to improve their level of protection.

Many worms are spread via malicious files attached to emails. Avoid opening email attachments sent by unknown parties: If in doubt, do not open attachments - attackers cleverly disguise them to appear as harmless as possible.