An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Preventing and Handling Malware Incidents: How to Protect Information Technology Systems from Malicious Code and Software
Published
Author(s)
Shirley M. Radack
Abstract
This bulletin provides information about "malware," a term used to describe malicious code and malicious software that are covertly inserted into an information technology (IT) system to compromise the confidentiality, integrity, or availability of the data, applications, or operating system, or to annoy or disrupt the system's owner. The bulletin advises organizations and users about malware incidents which are a significant external threat to the security of many IT systems, often causing widespread damage and disruption, and forcing users and organizations to carry out extensive, costly efforts to restore system security. The bulletin discusses the five categories of inserted programs: viruses, worms, Trojan horses, malicious mobile code, and blended attacks. Attacker tools including backdoors, rootkits, and keystroke loggers, and tracking cookies, which are used as spyware, are described. Also covered are NIST's recommendations for preventing malware incidents to the extent possible, and the handling of malware incidents that might occur.
Radack, S.
(2005),
Preventing and Handling Malware Incidents: How to Protect Information Technology Systems from Malicious Code and Software, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=150582
(Accessed December 13, 2024)