The nature of malicious code, or malware, (e.g., viruses, worms, bots) shifted recently from disrupting service to actively seeking financial gain. In the past, worms were designed primarily to propagate. The impact on victims and organizations was primarily a disruption of service resulting in loss of productivity and sometimes a loss in revenue. Now, many of the significant worms are designed to steal sensitive information such as credit card numbers, social security numbers, pin codes, and passwords and send the information to the attacker for nefarious purposes including identity theft.
Unfortunately, attackers have become very adept at circumventing traditional defenses such as anti-virus software and firewalls. Even encrypted web transactions may not protect sensitive information if the user’s computer has been infected.
Because malware writers are circumventing the basic security controls many organizations have implemented, the community needs to increase user awareness regarding cyber security issues in order to minimize the opportunity for sensitive information from “leaking out” of an organization. If a system is compromised, organizations need to improve the ability to minimize their damage. The purpose of this guide is to inform organizations of this rapidly growing problem and provide best-practice defense tactics.
The attached Zip file includes:
• Intro Page.doc
• Cover Sheet and Terms.pdf
• Malware Threats and Mitigation Strategies.pdf
Related Knowledge Network Content
There are no comments on this document
Strategic IT Planning & Governance Best Practices Guide
Use this guide — along with the more than 60 templates included — to ensure the overall success of your entire IT department.
ITIL V3 Foundation - Complete Certification Kit
Enhance your IT career by getting your ITIL Foundation Certificate. It's fast and easy with this complete resource. The 186-page eBook and companion online training course is guaranteed to help you pass the ITIL exam.
