The lowdown on malware
Software written for malicious purposes, such as:
How does it get on my network?
- viruses, or programs that spread through altered or 'infected' data files
- Trojan horses, or software that poses as something else to get a computer user to execute its function
- spyware, or software that tracks the activities of a computer user and reports them back to the developer
- back-doors, or software that provides a way for a hacker to circumvent security and gain access to functions of the computer the software is installed on.
The most common approach to spreading malware is by e-mail, via attached files. Worm Trojans and viruses can hijack an infected computer's e-mail client to send hundreds or thousands of copies of itself to addresses in the user's e-mail address book or in any other files on the computer. Trojans such as the recent MyDoom disguise where they've come from by spoofing the address of a person found in the address book.
Another increasingly common approach is to exploit other weaknesses in operating system security. MSBlaster exploited a problem with Microsoft Windows' use of Remote Procedure Calls; Code Red used weaknesses in Microsoft SQL Server to spread itself.How much will protection cost me?
Depending on how thick you lay on the protection, it can cost as little as $20 per user per year, or as much as $100 per user for more complete protection.Must-know info?
The best approach is a defense in depth. This includes a mail scanner at the server or mail gateway to block incoming messages with viruses or Trojans, desktop virus scanners to stop viruses and other malware that get onto systems by other means, and management software to control access policies to desktops and quickly deploy patches to vulnerabilities.