People use e-mail more than any other application on the internet, but it can be a frustrating experience, with spam and especially e-mail worms filling our inboxes.
Worms can spread rapidly over computer networks, the traffic they create bringing those networks to a crawl. And worms can cause other damage, such as allowing unauthorized access to a computer network, or deleting or copying files.
History
The first incarnations of internet worms weren't the malevolent threat they are today. These early worms (developed in 1982 at Xerox's Palo Alto Research Center by John Shoch and Jon Hupp) were, in fact, designed to perform useful tasks within a network.
Despite the evident usefulness of these programs, it was also clear that, in the wrong hands, they could quite easily be turned to malevolent uses.
The first true Internet worm (and probably the most famous) was released on 2nd November 1988 by Robert T. Morris. It attacked Sun and DEC UNIX systems attached to the Internet and within 24 hours had invaded 4,000-6,000 machines.
The Melissa Worm was first recognized on 26th March 1999. It was the first major mail worm, a form of worm which was to become hugely prevalent. Melissa was written by David L. Smith and named after a lap dancer he met in Florida.
Melissa contained a Word macro virus, but unlike previous viruses of this type it could spread in a semi-active manner. It attacked Microsoft's Outlook and Word programs: any time an infected user attached a Word document to an e-mail, the e-mail was sent to the first 50 addresses in the recipients' address book if they used Outlook as the mail client.
In 2001 active worms made a return to prominence. The first of these worms to be noticed was called Code Red. Code Red was a relatively simple worm which affected computers running Microsoft's Internet Information Server (IIS) web server. It infected over 350,000 servers in just over 12 hours. Once it infected a system, Code Red waited for 20-27 days to launch denial of service attacks on several fixed IP addresses, including the IP address of the White House.
How do they spread?
A worm is similar to a virus by its design, and is considered to be a sub-class of a virus. Worms spread from computer to computer, but unlike a virus, a worm has the capability to travel without any help from a person. When you receive a worm over e-mail, it will be in the form of an attachment, represented in most e-mail programs as a paper clip.
If you click on the attachment to open it, you'll activate the worm, but in some versions of Microsoft Outlook, you don't even have to click on the attachment to activate it if you have the program's preview pane activated.
The biggest danger with a worm is its capability to replicate itself on your system, so rather than your computer sending out a single worm, it could send out hundreds or thousands of copies of itself, with a devastating effect. One example would be for a worm to send a copy of itself to everyone listed in your e-mail address book. Then the worm replicates and sends itself out to everyone listed in each receiver's address book, and the process continues on down the line. Due to the copying nature of a worm and its capability to travel across networks, the end result in most cases is that the worm consumes too much system memory (or network bandwidth), causing Web servers, network servers and individual computers to stop responding.
Other worms can use multiple methods of spreading. The MyDoom worm, which started spreading in January 2004, attempted to copy infected files into the folder used by Kazaa, a file-sharing program. The Nimda worm, from September 2001, was a hybrid that had four different ways of spreading. According to Computer Economics, the associated damage from Code Red and Nimda came to $3.72 billion.
How to protect your computer?
- Make sure you visit the Windows Update site frequently.
- Most antivirus programs also provide a feature that allows you to update their definitions automatically – make sure you enable that as well.
- Remove Spyware and Adware.
- Prevent Spam.
- Basically there is no one absolute defense from anything – use a combination of software and hardware protection.
- Don’t run files from unknown sources, and confirm with the sender the authenticity of any unexpected attachment, especially an executable file (*.exe, *.scr, *.bat, *.com, *.vbs, *.cmd, etc.).
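The last tip can be partly automated at the mailbox. The following is an added example, not part of the original article: a Python check that parses a raw e-mail and flags attachments whose final extension is one of those listed above. The function names and the sample message are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Extensions named in the tip above; the "etc." is deliberately not expanded.
RISKY_EXTENSIONS = {".exe", ".scr", ".bat", ".com", ".vbs", ".cmd"}


def is_risky(filename: str) -> bool:
    """True if the final extension of the filename is in the risky set."""
    # Windows ignores trailing dots and spaces, so "setup.exe. " still runs.
    cleaned = filename.strip().rstrip(". ").lower()
    # Only the last extension decides what runs: "photo.jpg.scr" is a .scr.
    _, dot, ext = cleaned.rpartition(".")
    return bool(dot) and "." + ext in RISKY_EXTENSIONS


def risky_attachments(raw_message: bytes) -> list[str]:
    """Return the filenames of all MIME parts that look executable."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    flagged = []
    # walk() also visits inline parts, which can carry a filename too.
    for part in msg.walk():
        filename = part.get_filename()
        if filename and is_risky(filename):
            flagged.append(filename)
    return flagged


def build_sample() -> bytes:
    """Constructed sample message with harmless dummy attachments."""
    msg = EmailMessage()
    msg["From"] = "alice@example.com"
    msg["To"] = "bob@example.com"
    msg["Subject"] = "Constructed sample"
    msg.set_content("See attached.")
    for name in ("report.doc", "photo.jpg.SCR", "run.vbs"):
        msg.add_attachment(b"dummy", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    for name in risky_attachments(build_sample()):
        print("Confirm with the sender before opening:", name)
```

A filename check only catches the file types the tip names; it does not look inside documents or archives, so it complements an up-to-date antivirus program rather than replacing one.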