For the second chapter, we read about malware and the methods to preventing it.
There are many forms of malware, such as viruses, trojans, ransomware, adware, spyware, worms, etc. Malware is essentially code used for malicious intent. Typically malware is a method of monetary gain, but it can be used by activists, political messages and national defense strategies. A malware infection can compromise data from the victim, and with this the impacts can be a loss of money, reputational damage and loss of critical data (like personal identifying information).
Antivirus software should not be the single line of defense against malware because depending on the type of AV, it may not be as effective as the user believes. AV software can use the concept referencing a blacklist of known infections to defend against malware. There is also the whitelist and behavior-oriented antivirus software which is more effective than the blacklist.
Malware can infect any device that runs code.
A company can have a more effective defense strategy against malware if they assess the risks (inventory control, limiting access). Table-top exercises and simulated malware testing are good techniques to start with.
The chapter was a lot of information to take in, but it all made sense and was easy to follow along.
No comments:
Post a Comment