When something goes wrong with a computer, most people’s first response is not to figure out what is causing the problem, but rather how to get it fixed quickly so they can get back to whatever they were doing in the first place. Like most things in life, knowledge is power when it comes to cybersecurity and keeping your assets safe.
The average person has limited knowledge of how various threats to their computer work, what they look like, and how to get rid of them.
One of the most common mix-ups when it comes to describing malicious agents that hackers and cybercriminals try to infect a system with are computer viruses and computer worms. Although some people use them interchangeably, they are very different artificial organisms that have different origins, different purposes, and different behavior inside of a system.
Both worms and viruses are types of malware – shorthand for malicious software – and worms are actually a type of virus. Knowing their differences can help users protect their systems against infection.
What came first, the virus or the worm? The idea of a virus infecting a computer system was first an academic article called “Theory of self-reproducing automata” published in 1966 by Professor John von Neumann of the University of Illinois. Five years later, a computer scientist named Bob Thomas decided to test von Neumann’s article and wrote a self-replicating program called the Creeper system.
It gained access to many early networking systems – most of them academic in nature and displayed the message “I’m the creeper, catch me if you can!”. A second program, the Reaper, was created to eliminate the Creeper, making it the first antivirus software in human history.
A worm is capable of self-replication in order to spread to other computers. They don’t need the original file to move with them from one computer to another, they can multiply and spread quickly, often using a person’s email contacts to rapidly gain access to one machine after another, then turning the same trick on those machines.
Worms have the misconception of being more annoying than destructive, as some simply make copies over and over. But most have a purpose, whether it is to suck up bandwidth, copy over files, or act as backdoor programs to find an entry point for other viruses.
One of the most notorious and “successful” worms hit in 2000. Called the “ILOVEYOU” worm, it appeared as an email with that name as the title and an attached file that was named “LOVE-LETTER-FOR-YOU.txt.vbs”. So many people were inexperienced with attachments at that time that it was frequently opened, at which point it would start overwriting and hiding people’s files.
By the time it was finally dealt with on a wide-spread scale, it was thought to have done up to $8.7 billion in damages – about $13.2 billion in today’s money. Remarkably, the creator – a resident of The Philippines was not charged with any crimes because there no laws against creating a computer worm at the time.
A computer virus, by definition, is a program that replicates itself by inserting its own code into other computer programs, modifying them to act according to set functionality – almost always of a malicious nature – as defined by its creator. Viruses can come as email attachments, executable programs, attached to seemingly harmless files, or can be sent to a machine when it visits a particular website designed for just that sort of trickery.
The term virus was coined in 1984 by Fred Cohen of the University of Southern California in his paper “Computer Viruses – Theory and Experiments.” A computer virus has three distinct parts that define it: The infection mechanism, trigger, and payload.
The mechanism defines how the virus spreads. The trigger is the properties that must be in effect for the virus to execute. It might be at a certain date or time, in the presence of another program – such as Microsoft Word or launching an Internet browser, or when the user of the machine double clicks on a file.
The payload, much like a bomb, is the actual harmful part of the virus that will affect the system. Sometimes this is noticeable, causing a screen freeze. Other times it is intentionally done when a user is not present in the system to minimize the risk of discovery.
Worms, viruses, and other types of malware are most effective when people leave their computer systems unprotected. It’s a bit like leaving the front door open when you know there are thieves and burglars around at night. The best way to reduce the risk of your system being affected by worms and viruses is to invest in a good antivirus software product.
There are all kinds of different products for all different needs – price, business vs. personal, etc. Using a good antivirus comparison website will enable you to view the pros and cons and decide what solution is best for you.