Headless Worms Target Headless Devices in 2016. A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Are you nurturing a headless worm? The new year will likely bring entirely new worms and viruses able to propagate from device to device. 2016 will see the first “headless worms” — malicious code — targeting “headless devices” such as smartwatches, smartphones and medical hardware. There are other various worms today that are designed to infect embedded devices such as home routers, but these have User Interfaces and connectivity features that allow them to be managed and infections remediated. Headless worms: Viruses were always present but brace yourself for newer ones! ‘Headless worms’ would be the appropriate term used that are likely to travel from device to device in the forms of suspicious codes and can manifest themselves in smartphones, medical kits, and innovative watches. That doesn’t mean computers are safe! With such codes having a greater chance of multiplying across several other connected devices, there is an extra reason to be anxious about.

Headless Worms Target Headless Devices

Headless Worms Target Headless DevicesHeadless worms are nasty bits of code that will float through millions and millions of computers. The potential for harm when such threats can multiply across billions of connected devices is orders of magnitude greater. The largest we’ve seen to date is about 15 million infected machines controlled by one network with an attack surface of 20 billion devices. Certainly that number can easily spike to 50 million or more. You can suddenly have a massive outage globally in terms of all these consumer devices just simply dying and going down. 1989: The Morris worm was designed to propagate through Unix operating systems and resulted in an estimated $100,000-$10,000,000 in damages. The first CERT team was established to combat this threat.

Threat: Headless Worms Target Headless Devices

Related to the rise in machine to machine attacks, the “headless devices” driven by the Internet of Things will also become a focus of worms and viruses that are designed to independently target and automatically propagate to other devices via trusted communication protocols. These viruses could be designed to cause the systematic failure of devices and the damages would be far more substantial as the numbers of IoT devices grows into the billions.

Future Outlook: The Morris worm (1989) struck at a time where there were only 60,000 devices connected to the internet and estimates put the number of infected devices at around 6,000 or 10%. This number becomes far more substantial for popular devices like fitness trackers that currently have tens of millions of devices sold and in use.

Research shows that it is possible to infect headless devices with small amounts of code. Exploits like these could lead to device to device propagation of worms, i.e. smartwatch to smartwatch malware, that spread through trusted communication protocols.

Sources: Gartner.com & Fortinet.com

Leave a Reply