The worms, viruses, and other wildlife that exist in computers and networks are the descendants of early experiments with autonomous or symbiotic programs. Once unleashed into the wild, these rogue programs can multiply freely. They enter networks from the outsidethat is, from connected networks or the Internetand they enter networks from the insidethat is, from computers and media that users bring from home. Most viruses are nearly harmless. They deprive the network of little more than computer processing time and communications bandwidth, of which there is usually plenty. These viruses exist as a chance for programmers to demonstrate their skills. Others can be devastating, crippling computers, robbing network owners of massive amounts of bandwidth, stealing secrets, defeating security, corrupting data or holding it hostage, even taking down entire systems. These extreme examples demonstrate how creating and propagating viruses and worms can be criminal, even terroristic, in scope.
Effective computer security policies and practices can do much to eliminate the spread of viruses and worms. In the end, however, nothing can do more to stop the spread of pathogenic programs than educating and training users in virus prevention.