All
All

Malware Threats and Mitigation Strategies

173 KB | 3 files | null DOC,null PDF

If a system is compromised, organizations need to improve the ability to minimize their damage. The purpose of this guide is to inform organizations of this rapidly growing problem and provide best-practice defense tactics.

The nature of malicious code, or malware, (e.g., viruses, worms, bots) shifted recently from disrupting service to actively seeking financial gain. In the past, worms were designed primarily to propagate. The impact on victims and organizations was primarily a disruption of service resulting in loss of productivity and sometimes a loss in revenue. Now, many of the significant worms are designed to steal sensitive information such as credit card numbers, social security numbers, pin codes, and passwords and send the information to the attacker for nefarious purposes including identity theft.

Unfortunately, attackers have become very adept at circumventing traditional defenses such as anti-virus software and firewalls. Even encrypted web transactions may not protect sensitive information if the user's computer has been infected.

Because malware writers are circumventing the basic security controls many organizations have implemented, the community needs to increase user awareness regarding cyber security issues in order to minimize the opportunity for sensitive information from "leaking out" of an organization. If a system is compromised, organizations need to improve the ability to minimize their damage. The purpose of this guide is to inform organizations of this rapidly growing problem and provide best-practice defense tactics.

The attached Zip file includes:

  • Intro Page.doc
  • Cover Sheet and Terms.pdf
  • Malware Threats and Mitigation Strategies.pdf
IT Downloads help you save time and money while executing essential IT management tasks. Download this useful resource now and put it to work for your business.

This Download is provided by:

Partner logo

US-CERT is charged with providing response support and defense against cyber attacks for the Federal Civil Executive Branch (.gov) and information sharing and collaboration with state and local government, industry and international partners. US-CERT interacts with federal agencies, industry, the research community, state and local governments, and others to disseminate reasoned and actionable cyber security information to the public.

All IT Downloads from US-CERT» | Visit US-CERT »
Related IT Downloads

Compliance2 Building a GRC Program: Assessing Stakeholder Needs and Readiness

This table outlines the top needs of each stakeholder group that can help guide your conversations on priorities and needs for the GRC program. ...  More >>

Security95 Guide to Cyber Threat Information Sharing

This publication provides guidelines for establishing and participating in cyber threat information sharing relationships. ...  More >>

email9 Trustworthy Email

This document provides recommendations and guidelines for enhancing trust in email, including transmission and content security recommendations. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.