A virus is a piece of code (for example, a program or a script) that an end user executes.
A worm, however, can infect a system or propagate to other systems without intervention from the end user. A computer worm is a self-replicating computer program that penetrates an operating system with the intent of spreading malicious code. Worms utilize networks to send copies of the original code to other computers, causing harm by consuming bandwidth or possibly deleting files or sending documents via email. Worms can also install backdoors on computers.
Worms are often confused with computer viruses; the difference lies in how they spread. Computer worms self-replicate and spread across networks, exploiting vulnerabilities, automatically; that is, they don’t need a cybercriminal’s guidance, nor do they need to latch onto another computer program. As such, computer worms pose a significant threat due to the sheer potential of damage they might cause.
A particularly notorious incident occurred in 1988. A computer worm since named the Morris worm caused hundreds of thousands, if not millions, of dollars in damage, and its creator was convicted under the Computer Fraud and Abuse Act.
Common modes of connected transport for computer worms include attachments, file sharing networks and links to infected websites. Since worms exploit vulnerabilities, it’s vital to stay on top of security updates and patches. Security software is highly recommended for all computers, as is the additional precaution of a firewall.
Finally, a Trojan horse is a program that appears to be for one purpose (for example, a game) but secretly performs another task (such as collecting a list of contacts from an end user’s e-mail program).