User:Invokerishard/Computer worm



Harm


Any code designed to do more than spread the worm is typically referred to as the "payload". Typical malicious payloads might delete files on a host system (e.g., the ExploreZip worm), encrypt files in a ransomware attack, or exfiltrate data such as confidential documents or passwords.

Probably the most common payload for worms is to install a backdoor. This allows the computer to be remotely controlled by the worm author as a "zombie". Networks of such machines are often referred to as botnets and are very commonly used for a range of malicious purposes, including sending spam or performing DoS attacks.


Above copied from Computer worm Wikipedia article.

Below consists of original contribution


Some worms attack industrial systems in a targeted manner. Stuxnet is one example: the Stuxnet virus does not need to be transmitted through a network connection. It can destroy the core production control software used by chemical, power generation and power transmission companies in various countries around the world, and instead "issue orders" to other computers in the factory. It is a malicious virus written specifically for industrial control systems, and it can use multiple vulnerabilities in Windows systems and Siemens SIMATIC WinCC systems to attack. Although these systems operate independently from the network, as soon as an operator inserts a virus-infected USB drive into the system's USB interface, the virus gains control of the system without the operator's knowledge (without any other operational requirements or prompts).[1][2][3]



Main article: Helpful worm

Beginning with the very first research into worms at Xerox PARC, there have been attempts to create useful worms. Those worms allowed testing by John Shoch and Jon Hupp of the Ethernet principles on their network of Xerox Alto computers. The Nachi family of worms tried to download and install patches from Microsoft's website to fix vulnerabilities in the host system—by exploiting those same vulnerabilities. In practice, although this may have made these systems more secure, it generated considerable network traffic, rebooted the machine in the course of patching it, and did its work without the consent of the computer's owner or user. Regardless of their payload or their writers' intentions, most security experts regard all worms as malware.

Several worms, like XSS worms, have been written to research how worms spread, for example to study the effects of changes in social activity or user behavior. One study proposed what seems to be the first computer worm that operates on the second layer of the OSI model (the data link layer). It uses topology information, such as content-addressable memory (CAM) tables and Spanning Tree information stored in switches, to propagate and probe for vulnerable nodes until the enterprise network is covered.

Definition


Definition is an original contribution

A worm is a type of code that can replicate itself and spread through the network, usually without human intervention. After a worm invades and completely controls a computer, it uses that machine as a host to scan and infect other computers. Once these newly invaded computers are under its control, the worm uses them as hosts to scan and infect still more computers, and this behavior continues. Worms use this recursive method to spread, distributing themselves according to the law of exponential growth and controlling more and more computers over time.[4][5]
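The recursive scan-and-infect growth described above can be put into numbers with a simple expected-value model, shown here as an added example that is not part of the original article. It assumes uniform random scanning, which the article does not specify, and the function names and all parameter values are constructed for illustration.

```python
# Added example: expected-value model of a random-scanning worm.
# All names and parameter values are constructed for illustration.

def simulate(address_space, vulnerable, scans_per_step, steps, initial=1):
    """Return expected infected-host counts, one entry per time step.

    Assumption: each infected host probes `scans_per_step` addresses per step,
    chosen uniformly at random from `address_space`; a probe only succeeds
    when it lands on a vulnerable host that is not yet infected.
    """
    infected = float(initial)
    history = [infected]
    for _ in range(steps):
        susceptible = vulnerable - infected
        # Chance that one susceptible host is missed by every probe this step.
        p_missed = (1.0 - 1.0 / address_space) ** (infected * scans_per_step)
        infected += susceptible * (1.0 - p_missed)
        history.append(infected)
    return history


def steps_to_fraction(history, vulnerable, fraction):
    """First step at which at least `fraction` of vulnerable hosts are infected."""
    for step, count in enumerate(history):
        if count >= fraction * vulnerable:
            return step
    return None


if __name__ == "__main__":
    SPACE, SCANS, STEPS = 1_000_000, 40, 100   # constructed values
    for label, vulnerable in (("unpatched", 50_000), ("80% patched", 10_000)):
        h = simulate(SPACE, vulnerable, SCANS, STEPS)
        print(f"{label:12s} early growth x{h[1] / h[0]:.2f} per step, "
              f"90% of vulnerable hosts infected at step "
              f"{steps_to_fraction(h, vulnerable, 0.9)}")
```

In this model the early growth factor per step is about 1 + scans_per_step × vulnerable / address_space, so shrinking the vulnerable population through patching directly slows the spread. Growth is exponential only at the start and flattens as susceptible hosts run out.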

Reference

  1. Bronk, Christopher; Tikk-Ringas, Eneken (2013-04-03). "The Cyber Attack on Saudi Aramco". Survival. 55 (2): 81–96. doi:10.1080/00396338.2013.784468. ISSN 0039-6338.
  2. Lindsay, Jon R. (2013-07). "Stuxnet and the Limits of Cyber Warfare". Security Studies. 22 (3): 365–404. doi:10.1080/09636412.2013.816122. ISSN 0963-6412.
  3. Wang, Guangwei; Pan, Hong; Fan, Mingyu (2014). "Dynamic Analysis of a Suspected Stuxnet Malicious Code". Proceedings of the 3rd International Conference on Computer Science and Service System. Paris, France: Atlantis Press. doi:10.2991/csss-14.2014.86. ISBN 978-94-6252-012-7.
  4. Zhang, Changwang; Zhou, Shi; Chain, Benjamin M. (2015-05-15). "Hybrid Epidemics—A Case Study on Computer Worm Conficker". PLOS ONE. 10 (5): e0127478. doi:10.1371/journal.pone.0127478. ISSN 1932-6203.
  5. Lawton, George (2009-06). "On the Trail of the Conficker Worm". Computer. 42 (6): 19–22. doi:10.1109/mc.2009.198. ISSN 0018-9162.