Worm
- Piece of malicious software, much like a virus, but it can replicate itself without any user interaction
- Key difference between worm and virus:
- A virus requires a user to perform some action, like clicking on a malicious web link, opening a file or connecting a mass storage device to your system.
- A worm is able to self-replicate and spread throughout your network without a user's consent or action
- A worm will take advantage of vulnerabilities in our OSs and applications if our organizations don't mitigate these vulnerabilities.
- A worm can scan your network and determine if a system is missing a patch or has a vulnerability
Worms are dangerous for two reasons
- Infect your workstation and other computing assets
- Cause disruptions to your normal network traffic since they are constantly trying to replicate and spread themselves across the network
Worms are best known for...
- Worms are best known for spreading far and wide over the internet in a relatively short amount of time
- Examples:
- Worm named Nimda
- Conficker (2009) is one of the largest worms, because it was able to infect between 9 and 15 million machines
- It infected as many machines as it could find, and all these machines were missing a critical security patch for the Windows operating system, specifically the Microsoft patch known as 08-067.
- This security patch was designed to fix a software vulnerability in the way Windows handled file and printer sharing.
- Conficker would actively scan every resource on an infected organization's internal network as well as across the internet.
- Botnet.
- Cybersecurity professionals were able to shut down the attacker's botnet before it was used for any malicious or nefarious purposes.