A worm is a malicious program (malware) that spreads and replicates itself. A well-known example is the worm that circulated in 2000 via e-mails with the subject line ILOVEYOU and deleted numerous files.
The terms virus and worm are often used synonymously. However, the two kinds of malicious program differ in some respects. For example, a computer virus needs a “host file”, while a worm can act autonomously. For users, however, this distinction is secondary. Worms are spread via networks (e.g. with the help of e-mails), USB sticks, external hard drives and other removable storage devices. Small USB appliances such as USB cup warmers can also contain worms. There are many different types of worms, even mobile phone worms that transmit via Bluetooth. Worms can use different tactics to spread. For example, the ILOVEYOU worm used the tactic of a Trojan horse: the attachment with the malicious code was disguised as a love letter.
Since worms spread in a variety of ways, you can encounter them in many situations.
Example 1: After a customer meeting, you want to transfer a document to your customer's USB stick. You connect the USB stick to your computer and first check it with your antivirus program. It detects and removes a worm – you have prevented a cyber incident through your prudent behavior.
Example 2: You receive an e-mail from a customer with a document attached. The e-mail seems strange to you; you check the sender’s address, but it is correct. Instead of opening the attachment, you check it with your antivirus program. It detects a worm – you’ve just spared your company a cyber incident.
Many measures that increase your company’s cybersecurity offer protection against worms. Among others: