Trojans, Worms, and Spyware

A Computer Security Professional's Guide to Malicious Code


  • Michael Erbschloe, Author, educator and security advisor, Washington, DC

Trojans, Worms, and Spyware provides practical, easy-to-understand, and readily usable advice to help organizations improve their security and reduce the possible risks of malicious code attacks. Despite the global downturn, information systems security remains one of the more in-demand professions in the world today. With the widespread use of the Internet as a business tool, more emphasis is being placed on information security than ever before. To successfully deal with this increase in dependence and the ever-growing threat of virus and worm attacks, information security and information assurance (IA) professionals need a jargon-free book that addresses the practical aspects of meeting new security requirements. This book provides a comprehensive list of threats, an explanation of what they are and how they wreak havoc with systems, as well as a set of rules-to-live-by along with a system to develop procedures and implement security training. It is a daunting task to combat the new generation of computer security threats – new and advanced variants of Trojans, as well as spyware (both hardware and software) and “bombs” – and Trojans, Worms, and Spyware will be a handy must-have reference for the computer security professional to battle and prevent financial and operational harm from system attacks.


IT Computer and Information Security professionals, Security Managers, network administrators


Book information

  • Published: August 2004
  • ISBN: 978-0-7506-7848-3

Table of Contents

  • Preface
  • Dedication
  • Acknowledgements
  • Introduction
  • Chapter One: Malicious Code Overview
      • Why Malicious Code Attacks are Dangerous
      • The Impact of Malicious Code Attacks on Corporate Security
      • Why Malicious Code Attacks Work
      • Flaws in Software
      • Weaknesses in System and Network Configurations
      • Social Engineering
      • Human Error and Foolishness
      • Hackers, Thieves, and Spies
      • Action Steps to Combat Malicious Code Attacks
  • Chapter Two: Types of Malicious Code
      • Email Viruses
      • Trojans
      • Back Doors
      • Worms
      • Blended Threats
      • Time Bombs
      • Spy Ware
      • Ad Ware
      • Steal Ware
      • Action Steps to Combat Malicious Code Attacks
  • Chapter Three: Review of Malicious Code Incidents
      • Historic Tidbits
      • The Morris Worm
      • Melissa
      • Love Bug
      • Code Red(s)
      • SirCam
      • Nimda
      • Slammer
      • The Summer of 2003 Barrage of Blaster, Sobig and More
      • Early 2004 with MyDoom, Netsky and More
      • Action Steps to Combat Malicious Code Attacks
  • Chapter Four: Basic Steps to Combat Malicious Code
      • Understanding The Risks
      • Using Security Policies to Set Standards
      • System and Patch Updates
      • Establishing a Computer Incident Response Team
      • Training for IT Professionals
      • Training End Users
      • Applying Social Engineering Methods in an Organization
      • Working with Law Enforcement Agencies
      • Action Steps to Combat Malicious Code Attacks
  • Chapter Five: Organizing for Security, Prevention, and Response
      • Organization of the IT Security Function
      • Where Malicious Code Prevention fits Into the IT Security Function
      • Staffing for Malicious Code Prevention in IT
      • Budgeting for Malicious Code Prevention
      • Evaluating Products for Malicious Code Prevention
      • Establishing and Utilizing an Alert System
      • Establishing and Utilizing a Reporting System
      • Corporate Security and Malicious Code Incident Investigations
      • Action Steps to Combat Malicious Code Attacks
  • Chapter Six: Controlling Computer Behavior of Employees
      • Policies on Appropriate Use of Corporate Systems
      • Monitoring Employee Behavior
      • Site Blockers and Internet Filters
      • Cookie and Spyware Blockers
      • Pop Up Blockers
      • Controlling Downloads
      • SPAM Control
      • Action Steps to Combat Malicious Code Attacks
  • Chapter Seven: Responding to a Malicious Code Incident
      • The First Report of a Malicious Code Attack
      • The Confirmation Process
      • Mobilizing the Response Team
      • Notifying Management
      • Using an Alert system and Informing End-Users
      • Clean up and Restoration
      • Controlling and Capturing Malicious Code
      • Identifying the Source of Malicious Code
      • The Preservation of Evidence
      • When to Call Law Enforcement
      • Enterprise Wide Eradication
      • Returning to Normal Operations
      • Analyzing Lessons Learned
      • Action Steps to Combat Malicious Code Attacks
  • Chapter Eight: Model Training Program for End-Users
      • Explaining why The Training is Important
      • Explaining The Appropriate Use Policy for Computers and Networks
      • Explaining How the Help Desk and PC Support of the Organization Works
      • Covering the Basic Do’s and Don’ts of Computer Usage to Prevent Attacks
      • Providing Basic Information about Malicious Code
      • Explaining How to Identify Potentially Malicious Code
      • Explaining What Employees Should Do if They Suspect Code is Malicious
      • Explaining What Employees Should Expect From the IT Department During Incident Response
      • Performing the Administrative Aspects of a Training Program
      • Action Steps to Combat Malicious Code Attacks
  • Chapter Nine: The Future of Malicious Code
      • Military Style Information Warfare
      • Open Source Information Warfare
      • Militancy and Social Action
      • Homeland Security Efforts
      • Action Steps to Combat Malicious Code Attacks
  • Index
  • Appendix A: Computer Security Resources