A computer worm is a type of malware that can self-replicate and spread without human interaction once it has entered a system. Since the first documented computer worm, the Morris Worm, infected and shut down systems in 1988, the use of worms as malware has continued to grow, even during the current health crisis. Let’s explore the problems caused by malware and computer worms, and why covered entities (CEs) need strong cybersecurity to safeguard patients’ protected health information (PHI).
The risks of malware
Malware (or malicious software) is a general term for intrusive software that exploits or infects a system. It can come in many forms, including viruses, adware, spyware, ransomware, Trojans, and of course, worms.
Malware is typically relayed to victims through phishing emails, sent en masse, or to targeted individuals through spear phishing. Threat actors sometimes use social engineering to convince someone to download or load software, programs, or apps, thereby executing the malware.
Phishing remains the most common way malware gets into a system, because it exploits what is known as the human factor, but it is not the only method. The six points of entry are email, the network, the user, web applications, remote access portals, and mobile devices. Hackers identify a potential target and entry point, gather information, then gain access in order to:
- Steal data or install malicious code
- Demand a ransom
- Monitor for information
- Take control
Types of computer worms
Generally, a worm enters a system or transmits to another network through a software vulnerability or link/attachment in a phishing email.
Before the Internet and widespread connectivity, worms spread via removable storage media (e.g., floppy disks) between computers on the same network. Now that everything is networked, a worm can stay resident on the first infected system while also hopping from one host to the next. Types of worms include:
- Bot worm – turns computers into zombies or bots
- Cryptoworm – spreads and encrypts data
- Email worm – spreads through phishing emails
- Ethical worm – propagates across networks to deliver security patches
- Hybrid virus/worm – spreads like a worm but modifies code like a virus
- Instant Messaging (IM) worm – propagates through IM services to exploit contact lists
Well-known worms include MyDoom (the fastest-spreading email worm), ILOVEYOU (one of the most virulent pieces of malware ever created), and Stuxnet (originally aimed at Iran’s nuclear facilities). Worms can modify and delete files, inject additional malware, steal data, or install a backdoor. Sometimes a worm simply makes copies of itself, consuming a system’s disk space or network bandwidth. Today’s worms are almost always malicious and carry some type of payload or code to do even more damage. And the risks of such attacks, particularly against CEs, are astronomical.
Computer worms and healthcare
CEs, with their complex technological infrastructures and many (often outdated) connected devices, are particularly susceptible to cyberattacks, especially when hackers want PHI. Reliance on smart devices (e.g., tablets that collect data, and connected medical devices) is necessary in healthcare, but using them provides an easy point of entry for cybercriminals. A study found that the ransomware cryptoworm WannaCry was still impacting CEs two years after its release because of unpatched systems.
NotPetya caused over $10 billion in damage worldwide while also disrupting critical patient care capabilities at several CEs. For healthcare organizations to survive, they must focus on detection and prevention to stop such worms from propagating and destroying data.
How do you avoid a computer worm?
Unfortunately, attacks will likely only increase over time, which is why it is important to use strong, layered cybersecurity. Solid cyber safeguards will slow down (if not stop) breaches and healthcare HIPAA violations.
Organizations must first focus their cybersecurity plan on employee awareness training. For example, employees should know the signs of a computer worm infection: unexplained changes in memory or storage use, monitor speed, and overall performance. There may also be missing or new files. Training must be continuous, up-to-date, and regularly tested. New cyber threats emerge daily, which is why employees need to be able to recognize and block malware.
Second, cybersecurity must include resilient email security (i.e., HIPAA compliant email), such as Paubox Email Suite Plus. Paubox Email Suite Plus provides the needed outbound and inbound security, including the ability to block phishing emails. And finally, CEs should use other worm-prevention cybersecurity methods:
- Up-to-date/patched hardware and software
- Strong antivirus software
- Regular offline backups of PHI
- A firewall
With the correct mesh of cyber tools, interconnectivity and the use of technology can be relatively safe for the healthcare industry so that CEs can focus on patient care.