Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Preventing and Handling Malware Incidents: How to Protect Information Technology Systems from Malicious Code and Software

Published

Author(s)

Shirley M. Radack

Abstract

This bulletin provides information about "malware," a term used to describe malicious code and malicious software that are covertly inserted into an information technology (IT) system to compromise the confidentiality, integrity, or availability of the data, applications, or operating system, or to annoy or disrupt the system's owner. The bulletin advises organizations and users about malware incidents which are a significant external threat to the security of many IT systems, often causing widespread damage and disruption, and forcing users and organizations to carry out extensive, costly efforts to restore system security. The bulletin discusses the five categories of inserted programs: viruses, worms, Trojan horses, malicious mobile code, and blended attacks. Attacker tools including backdoors, rootkits, and keystroke loggers, and tracking cookies, which are used as spyware, are described. Also covered are NIST's recommendations for preventing malware incidents to the extent possible, and the handling of malware incidents that might occur.
Citation
ITL Bulletin -

Keywords

information system security, information technology, malicious code, malicious software, malware, vulnerabilities

Citation

Radack, S. (2005), Preventing and Handling Malware Incidents: How to Protect Information Technology Systems from Malicious Code and Software, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=150582 (Accessed December 13, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created December 22, 2005, Updated May 4, 2021