A computer worm is a sort of malware that spreads duplicates of itself from one PC to another A worm can repeat itself with no human interaction, and it doesn't have to append itself to a software program to cause damage (NortonLifeLock employee,2019).

How does a worm attack work?

What are the types of computer worms?

There is no all-inclusive grouping of PC worms, however, they can be organized into types depending on how they are appropriated between PCs. The five common sorts are as the following:

1- Internet Worms: As they do with PC networks, PC worms likewise target popular sites with inadequate security.  At the point when they figure out how to infect the webpage, webworms can reproduce themselves onto any PC being utilized to get to the site being referred to. From that point, webworms are distributed to other associated PCs through the web and local area network connections (Moes, 2014).

2-Email Worms: Email worms are frequently circulated by means of email attachments.  They ordinarily have double extensions (for instance, .mp4.exe or .avi.exe) so the recipient would believe that they are media files and not malicious PC programs.  At the point when the victims click on the attachment, duplicates of a similar infected file will consequently be sent to addresses from their contacts list (Moes, 2014).

3-  Instant Messaging Worms: Instant messaging worms are actually similar to email worms, the only difference being their method of distribution.  Once again, they are masked as attachments or clickable links to websites. They are regularly accompanied by short messages like "Haha" or "You need to see this!" to fool the victim into believing that their companion is sending them an entertaining video to take a look at (Moes, 2014).

4- File-Sharing Worms: Although illegal file-sharing and peer-to-peer file moves are still used by many individuals all throughout the planet.  Doing as such, they are accidentally presenting their PCs to the threat of file-sharing worms. Like email and instant messaging worms, these programs are veiled as media files with double expansions. When the victim opens the downloaded file to view it or listen to it, they will download the worm to their computer (Moes, 2014).

5-  IRC Worms: Web Relay Chat (IRC) is an informing application that is mostly outdated nowadays but was all the rage at the turn of the century. Same as with today’s instant messaging platforms, computer worms were distributed via messages containing links and attachments. The latter was less effective due to an extra layer of protection that prompted users to accept incoming files before any transfer could take place (Moes, 2014).

How to avoid Worm Attack?

Reference: 

MOES, T (2019) What is a Computer Worm? [Online] SOFTWARELAB. Available from: What is a Computer Worm? The Top 5 Examples You Need to Know (softwarelab.org) [Accessed 06/06/21].

CIMPANU, C (2016) PhotoMiner Worm Spreads via Vulnerable FTP Servers, Mines for Crypto-Currency [Online] SOFTPEDIA. Available from: PhotoMiner Worm Spreads via Vulnerable FTP Servers, Mines for Crypto-Currency (softpedia.com) [Accessed 06/06/21].

BRIGHTHUB (2010) Computer Worms: How to Avoid Them? [Online] BRIGHTHUB. Available from: Computer Worms: How to Avoid Them? - Bright Hub [Accessed 06/06/21].

KNOPP, T (2017) Worm cyber attack symbol with laptop and red worm, isolated on blue background [Online] DREAMSTIME. Available from: Worm Cyber Attack Symbol With Laptop And Red Worm, Isolated On Blue Background Stock Illustration - Illustration of icon, presentation: 161890485 (dreamstime.com) [Accessed 06/06/21].

Bricata’s platform makes it easy to get direct answers for alerts and protect network environments in real-time (bricata,2021).

I the shown picture, I demonstrated the explanation of each main tab in Bricata Software.

After clicking Hunt button it will permit us to instantly see everything the affected host has been doing. This host is producing countless alerts. As well as the different networks that are communicating with. In addition, it will let you know if you have to be careful about lateral movement or malware propagation from this host. 

(Author's Screenshot)

Furthermore, applying Groups to the view allows us rapidly to bunch huge volumes of metadata.

(Author's Screenshot)

The Resp IP and Services utilized in communication with the suspect network that gives us no motivation to think this host is proliferating malware along the side.

(Author's Screenshot)

Moreover, in Tags, you can customise tags for alerts to indicates these alerts need attention. And that could be by choosing between Authorities, expire- cert and IR target.

Reference:

BRICATA (2021) BRICATA PRODUCT TOUR. [Online] BRICATA. Available from:Tour the Dashboard - Bricata Network Detection & Response Platform [Accessed 05/06/21].

 Bricata Software:

It is the leader in complete organization assurance. The Bricata solution gives unmatched network permeability, full-range threat identification, threat chasing, and post-location reaction capacities in a natural, firmly coordinated, and self-overseeing system. Its automated detection, productive GUIs, and expert system workflows make it easy-to-use for novices, while granular control of its engines, access to rich network metadata and PCAPs, and threat hunting capabilities give experts the power and control they demand. Bricata has been demonstrated to speed incident resolution by up to eight times by dependably recognizing threats and giving the setting important to get to truth rapidly and act(garlandtechnology,2021).

Benefits:

1-ML-Based Malware Conviction: automated analysis performed instantly by statically analyzing each item, identifying malicious behaviour and prioritizing analyst workflow (bricata,2021).

2-Speed of Response: with Bricata, analysts can close the gap between detection and response faster than ever and accelerate incident response(bricata,2021).

3-Smart PCAP: quickly access relevant data during an investigation with reduced storage requirements from Smart PCAP (bricata,2021).

4-Customizable & Flexible: bricata’s powerful platform is flexible and can be customized to create the workflows, use cases and integrations to meet your specific needs. (bricata,2021).

Who uses Bricata?

1-Companies: can quickly eliminate blind spots in their environment in the data center or the cloud and easily scale(bricata,2021).

2-Security Teams: can maximize talent and be more efficient and effective(bricata,2021).

3-Analyst: can see real-time metadata, tune detections and get direct answers quickly(bricata,2021).

 Kevin Mitnick the most dangerous hacker, besides one of the FBI's most wanted, his biography began when he found himself in hacking in his childhood. At age 16, he accessed the organization of DEC and penetrated to some files which led him to be sentenced to prison to 1 year in jail in 1988. Then he escaped from jail, yet the FBI found him in 1995. However, he admitted that his ingenuity is caused by his social engineering skill. Despite all his trials, he is now a confided in a security consultant to the Fortune 500 and governments around the world.  

CLARA, S (2016) Kevin Mitnick, "The World's Most Famous Hacker," to Give Closing Keynote at Bloxfest, the Infoblox Customer Conference. [Online] GLOBENEWSWIRE. Available from:Kevin Mitnick, "The World's Most Famous Hacker," to Give (globenewswire.com)[Accessed 04/06/21].