This bulletin provides information about "malware," a term used to describe malicious code and malicious software that are covertly inserted into an information technology (IT) system to compromise the confidentiality, integrity, or availability of the data, applications, or operating system, or to annoy or disrupt the system's owner. The bulletin advises organizations and users about malware incidents which are a significant external threat to the security of many IT systems, often causing widespread damage and disruption, and forcing users and organizations to carry out extensive, costly efforts to restore system security. The bulletin discusses the five categories of inserted programs: viruses, worms, Trojan horses, malicious mobile code, and blended attacks. Attacker tools including backdoors, rootkits, and keystroke loggers, and tracking cookies, which are used as spyware, are described. Also covered are NIST's recommendations for preventing malware incidents to the extent possible, and the handling of malware incidents that might occur.
This bulletin provides information about "malware," a term used to describe malicious code and malicious software that are covertly inserted into an information technology (IT) system to compromise the confidentiality, integrity, or availability of the data, applications, or operating system, or to...
See full abstract
This bulletin provides information about "malware," a term used to describe malicious code and malicious software that are covertly inserted into an information technology (IT) system to compromise the confidentiality, integrity, or availability of the data, applications, or operating system, or to annoy or disrupt the system's owner. The bulletin advises organizations and users about malware incidents which are a significant external threat to the security of many IT systems, often causing widespread damage and disruption, and forcing users and organizations to carry out extensive, costly efforts to restore system security. The bulletin discusses the five categories of inserted programs: viruses, worms, Trojan horses, malicious mobile code, and blended attacks. Attacker tools including backdoors, rootkits, and keystroke loggers, and tracking cookies, which are used as spyware, are described. Also covered are NIST's recommendations for preventing malware incidents to the extent possible, and the handling of malware incidents that might occur.
Hide full abstract
Keywords
information system security; information technology; malicious code; malicious software; malware; vulnerabilities