malicious code awareness n.
Skip this Video
Loading SlideShow in 5 Seconds..
Malicious Code Awareness PowerPoint Presentation
Download Presentation
Malicious Code Awareness

Malicious Code Awareness

169 Vues Download Presentation
Télécharger la présentation

Malicious Code Awareness

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Malicious Code Awareness Virus Defense for Users Created: October 2004

  2. Malicious Code Awareness Training Why Virus Awareness Training? This training will provide all users: • Enough data to make informed decisions about viruses • An understanding of criminal tactics used to infiltrate computers Viruses threaten all information systems.

  3. Malicious Code Awareness Training Critical Thinking • Am I expecting this attachment? • Is this the normal format of this file? • Is my antivirus software running correctly? • My machine seems slower than normal, should I report it?

  4. Malicious Code Awareness Training Is My Machine a Target? Yes • Viruses do not discriminate • Every organization is a target of criminals at some point • Any machine that houses financial information (reports, personnel data, credit card numbers, etc.) is a target

  5. Malicious Code Awareness Training How Can I Be Targeted? Email • Email should be considered suspect unless digitally signed by someone you know • Email “spoofing” is very easy, do not trust “From:” fields

  6. Malicious Code Awareness Training Email Attachments • Delete any attachment that you are not expecting • Do not open files of any type that are not anticipated (even if they appear to be harmless) EXE PIF COM BAT SCR VBS JPG

  7. Malicious Code Awareness Training Scams • Also known as “phishing” attempts • Do not follow requests for personal info in email • Do not trust links printed in messages, they may not lead where they appear to

  8. Malicious Code Awareness Training Email Review • No part of an unsigned, unexpected email should be trusted without investigation • “From,” Subject, and Message body can be easily crafted to fool anyone

  9. Malicious Code Awareness Training What Should I Do? • Be suspicious of any unexpected, unverifiable email, regardless of apparent source • Report/forward all suspicious email messages to security personnel

  10. Malicious Code Awareness Training Network Worms Viruses that spread without user intervention (without opening a file) • Worms exploit system vulnerabilities to gain unauthorized computer access • Often create noticeable slowdowns on host systems MyDoom Sasser Blaster Klez

  11. Malicious Code Awareness Training What Do I Watch For? • Report the presence of any suspicious file found on network • Reports of widespread virus activity • Such as the reports of Blaster & Sasser • Any abnormal system condition that cannot be explained: • Network access extremely slow • Computer hard drive is constantly in use

  12. Malicious Code Awareness Training Nefarious Web Content • Spyware/Adware prominent on the Internet • Often allows additional unwanted software to enter PC • Threatens internal data as well as normal network operations • Can come from anywhere

  13. Malicious Code Awareness Training What Do I Watch For? • Random pop-ups, especially advertisements for random products • Changes in normal web browser routines • New Home page at startup • Unknown toolbars/icons • New applets in the System Tray (next to the clock)

  14. Malicious Code Awareness Training Spyware Reporting • Document all suspicious Internet activity • Report all unknown configuration and software changes to security personnel • Do not just “put up with” random advertisements and redirections

  15. Malicious Code Awareness Training Normal Vigilance • Don’t visit web sites unassociated with work topics • Periodically check that antivirus signatures are current • Be aware of any new/suspicious files or folders that appear on your machine or servers

  16. Malicious Code Awareness Training How Do I Avoid Malware? • Do not download or install any software from the Internet without direction from network support • Do not open email/attachments from unknown sources • Do not open unexpected/verified attachments

  17. Malicious Code Awareness Training Report All Suspicious Activity Information Assurance Team: