An ethical worm, also called a “benevolent worm” or “helper worm,” is developed to counteract the negative effects of malicious worms. Built to scan for unsecured access points and install intrusion-specific security updates, an ethical worm fixes the weaknesses it finds with its payload of patch and repair code. This approach is efficient at resolving security holes that could be exploited. Because it does not need to be individually initiated, an ethical worm can respond to threats faster by bypassing the typical protocol of system administrators.
One of the more famous malicious worms, Blaster (Lovesan), targeted Microsoft operating systems in 2003. It wriggled in through a loophole in the remote procedure call (RPC) process and slid in at TCP port 135. Once in, it caused system failure and reboot, widespread DDoS attacks, and an estimated $320 million in damages. In response, Microsoft released an ethical worm, Welchia, also known as “Nachi,” to seek out the flaws that allowed Blaster access. It fixed these flaws and began a “seek-find-destroy” mission against Blaster. While Welchia is regarded as moderately effective, critics regard the use of a helpful premise to cloak unauthorized access to user machines, and the subsequent reboot the fix required, as problematic from a privacy and security standpoint.
Somewhat ironically, experts in cyber ethics agree that the use of ethical worms is actually unethical. Herman T. Tavani, Professor of Philosophy at Rivier University, Co-Chair of the International Society for Ethics and Information Technology, and author of the book Ethics and Technology (2016), lists three categories of cybercrime: cyberpiracy, cybertrespass and cybervandalism. The use of ethical worms, despite the good intentions behind their development and implementation, falls under both cybertrespass and cybervandalism. The very nature of worms is that they replicate without user intervention. Whatever the motives behind their creation, worms move extra-systemically and beyond the realms of maintenance. This lack of authorization, all while acquiring deep knowledge of privately owned machines and networks, is trespassing at its core.
An ethical worm is an agent of cybervandalism in how it disrupts the transmission of data, either by taking up large amounts of bandwidth while replicating or by modifying or destroying resident data. Ethical worms even have the potential to damage a system. Because some legitimate applications actually rely on known holes in the network or security structure in order to function as intended, closing those holes with an uninvited “fix” may inadvertently cause greater system harm. As in the physical world, trespassing and vandalism, even with good intentions, open the door to unintended consequences. These consequences may include lawsuits and accusations of privacy violations, claims for loss of business or profit, and declarations of hardware, software, or system damages. Moreover, for an ethical worm to be truly effective, there must be a level of consensus among industry standards and protocols. But when these specifications and individual protocols are published, hackers gain open-source access to them and can corrupt them for nefarious purposes.
Overall, while the concept behind an ethical worm is noble, its utilitarianism and efficiency, the trade-offs of privacy and security, and the potential of it falling into the wrong hands make its use highly controversial.
For further reading, the fourth edition of Herman T. Tavani’s Ethics and Technology is available online for free.