>can a virus spread from USB storage device to a computer when no files are transferred, but just by being plugged in?
Yes. If the virus has been designed to spread through USB devices, it almost certainly requires no user interaction beyond plugging the device in, assuming the port is enabled and no specific precautions have been taken.
>if a USB storage device had once been plugged into a computer with worms, is it safe to plug it into another computer?
No
>what about between different operating systems?
I'm not aware of any malware that can spread between windows and unix-like OSes.
>a virus can write itself into firmware/hardware where it can't be gotten rid of?
There is some malware that can infect the UEFI, I believe. It's fairly rare, though.
>are there hack tools that make it possible to access a computer with only basic information like an IP address?
I don't think so. But once you have the IP address, you can collect additional information with port scans and the like. If the computer acts as a server, it's then possible to try to access it.
>can an attacker get into the modem?
Depends. You have to keep in mind that a modem is really just a specialized computer, so it's certainly not impossible.
>how to protect a computer from advanced malware?
Don't use Windows.
Keep your shit up to date.
Use common sense and basic precautions(such as not running your browser as a root).
The only 100% certain way to protect your computer from malware is to never connect it to the internet in any way or form, but the above will get you pretty close.