From National Institute of Standards and Technology | Sep 16, 2009
Malware, also known as malicious code and malicious software, refers to a program
that is inserted into a system, usually covertly, with the intent of compromising the
confidentiality, integrity, or availability of the victim's data, applications, or
operating system or otherwise annoying or disrupting the victim. Malware has become the
most significant external threat to most systems, causing widespread damage and
disruption, and necessitating extensive recovery efforts within most organizations.
Spyware - malware intended to violate a user's privacy - has also become a major
concern to organizations. Although privacy-violating malware has been in use for many
years, it has become much more widespread recently, with spyware invading many systems
to monitor personal activities and conduct financial fraud. Organizations also face
similar risks from a few forms of non-malware threats that are often associated with
malware. One form that has become commonplace is phishing, the use of deceptive
computer-based means to trick individuals into disclosing sensitive information.
Another common form is the virus hoax, a false warning of a new malware threat.
This publication provides recommendations for improving an organization's malware
incident prevention measures. It also gives extensive recommendations for enhancing an
organization's existing incident response capability so that it is better prepared to
handle malware incidents, particularly widespread ones. The recommendations address
several major forms of malware, including viruses, worms, Trojan horses, malicious
mobile code, blended attacks, spyware tracking cookies, and attacker tools such as
backdoors and rootkits. The recommendations encompass various transmission mechanisms,
including network services (e.g., e-mail, Web browsing, file sharing) and removable
media.
The attached Zip file includes:
- Intro Page.doc
- Cover Sheet and Terms.pdf
- Guide to Malware Incident Prevention and Handling.pdf