The nature of malicious code, or malware, (e.g., viruses, worms, bots) has shifted from disrupting service to actively seeking financial gain. In the past, worms were designed primarily to propagate. The impact on victims and organizations was primarily a disruption of service resulting in loss of productivity and sometimes a loss in revenue. Now, many of the significant worms are designed to steal sensitive information such as credit card numbers, social security numbers, pin codes, and passwords and send the information to the attacker for nefarious purposes including identity theft.
Unfortunately, attackers have become adept at circumventing traditional defenses such as anti-virus software and firewalls. Even encrypted web transactions may not protect sensitive information if the user’s computer has been infected. If a system is compromised, organizations need to improve the ability to minimize their damage.
The purpose of this paper is to inform organizations of this rapidly growing problem and provide best-practice defense tactics.