A worm is malware designed to copy itself and spread independently across computer networks and devices. Unlike viruses, worms do not need to attach to existing programmes or files to propagate. They exploit vulnerabilities in operating systems, network services, or unpatched software to move from one machine to another automatically.
Worms typically spread through network connections, email, file-sharing programmes, or removable media. Once on a device, they can consume bandwidth, slow systems, delete files, steal data, or act as a delivery mechanism for ransomware or spyware. Famous historical examples include the Morris Worm (1988), which crashed thousands of computers, and WannaCry (2017), which encrypted files across organisations globally.
Common characteristics:
- Self-replicating without user intervention
- Spread via network vulnerabilities rather than user action
- Can operate independently without a host programme
- Often carry secondary payloads like ransomware or information-stealing tools
Protection measures:
- Keep operating systems and software updated with the latest security patches, as worms frequently exploit known vulnerabilities.
- Use reputable antivirus software with real-time scanning.
- Disable unnecessary network services.
- Be cautious with email attachments and downloads from untrusted sources.
- Maintain regular backups of important files.
- For organisations, network segmentation and firewalls can limit worm propagation.
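How patching and segmentation limit automatic spread can be seen in a small model. The following Python simulation is an added example, not part of the original page: it assumes a constructed network of 4 segments with 10 hosts each, and the names `build_reach`, `spread` and `run_scenarios` are hypothetical.

```python
# Added illustration: abstract worm-spread model; no networking code involved.
SEGMENTS, HOSTS_PER_SEGMENT = 4, 10   # constructed sample network: 40 hosts

def build_reach(links):
    """Map each host (segment, index) to the hosts it can connect to.
    Hosts in the same segment always reach each other; `links` holds the
    segment pairs the firewall lets through (treated as bidirectional)."""
    hosts = [(s, i) for s in range(SEGMENTS) for i in range(HOSTS_PER_SEGMENT)]
    def linked(a, b):
        return a == b or (a, b) in links or (b, a) in links
    return {h: {o for o in hosts if o != h and linked(h[0], o[0])} for h in hosts}

def spread(reach, patched, start):
    """Return the cumulative infected count after each round.
    Each round, every newly infected host infects all reachable unpatched hosts."""
    infected, frontier, history = {start}, {start}, [1]
    while frontier:
        new = set()
        for host in frontier:
            new |= {o for o in reach[host] if o not in patched and o not in infected}
        infected |= new
        frontier = new
        if new:
            history.append(len(infected))
    return history

def run_scenarios():
    start = (0, 1)  # first infected host, assumed unpatched
    flat = {(a, b) for a in range(SEGMENTS) for b in range(a + 1, SEGMENTS)}
    chain = {(0, 1), (1, 2), (2, 3)}  # each segment talks only to its neighbour
    half = {(s, i) for s in range(SEGMENTS) for i in range(0, HOSTS_PER_SEGMENT, 2)}
    bridge = {(1, i) for i in range(HOSTS_PER_SEGMENT)}  # segment 1 fully patched
    return {
        "flat, unpatched": spread(build_reach(flat), set(), start),
        "flat, half patched": spread(build_reach(flat), half, start),
        "chained segments": spread(build_reach(chain), set(), start),
        "chained, bridge patched": spread(build_reach(chain), bridge, start),
        "isolated segments": spread(build_reach(set()), set(), start),
    }

if __name__ == "__main__":
    for name, history in run_scenarios().items():
        print(f"{name:26} infected per round: {history}")
```

In this model, chaining segments only delays the worm, which still reaches all 40 hosts over three rounds, while patching every host in the bridging segment holds it to the first segment.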
The distinction between worms and viruses matters for understanding how threats spread. A virus needs a person to open or run an infected file before it activates. A worm spreads automatically, which makes it potentially more damaging at scale.
