Table of Contents

PrefaceDedicationAcknowledgementsIntroductionChapter One: Malicious Code OverviewWhy Malicious Code Attacks are DangerousThe Impact of Malicious Code Attacks on Corporate SecurityWhy Malicious Code Attacks WorkFlaws in Software Weaknesses in System and Network ConfigurationsSocial EngineeringHuman Error and FoolishnessHackers, Thieves, and SpiesAction Steps to Combat Malicious Code AttacksChapter Two: Types of Malicious CodeEmail VirusesTrojansBack DoorsWormsBlended ThreatsTime BombsSpy WareAd WareSteal Ware Action Steps to Combat Malicious Code AttacksChapter Three: Review of Malicious Code IncidentsHistoric TidbitsThe Morris WormMelissaLove BugCode Red(s)SirCamNimdaSlammerThe Summer of 2003 Barrage of Blaster, Sobig and MoreEarly 2004 with MyDoom, Netsky and MoreAction Steps to Combat Malicious Code AttacksChapter Four: Basic Steps to Combat Malicious CodeUnderstanding The RisksUsing Security Policies to Set StandardsSystem and Patch UpdatesEstablishing a Computer Incident Response TeamTraining for IT ProfessionalsTraining End UsersApplying Social Engineering Methods in an OrganizationWorking with Law Enforcement AgenciesAction Steps to Combat Malicious Code AttacksChapter Five: Organizing for Security, Prevention, and ResponseOrganization of the IT Security FunctionWhere Malicious Code Prevention fits Into the IT Security FunctionStaffing for Malicious Code Prevention in ITBudgeting for Malicious Code Prevention Evaluating Products for Malicious Code Prevention Establishing and Utilizing an Alert SystemsEstablishing and Utilizing a Reporting SystemCorporate Security and Malicious Code Incident InvestigationsAction Steps to Combat Malicious Code AttacksChapter Six: Controlling Computer Behavior of EmployeesPolicies on Appropriate Use of Corporate SystemsMonitoring Employee BehaviorSite Blockers and Internet FiltersCookie and Spyware BlockersPop Up BlockersControlling DownloadsSPAM ControlAction Steps to Combat Malicious Code AttacksChapter Seven: Responding to a Malicious Code IncidentThe First Report of a Malicious Code AttackThe Confirmation ProcessMobilizing the Response TeamNotifying ManagementUsing an Alert system and Informing End-UsersClean up and RestorationControlling and Capturing Malicious CodeIdentifying the Source of Malicious CodeThe Preservation of EvidenceWhen to Call Law EnforcementEnterprise Wide EradicationReturning to Normal OperationsAnalyzing Lessons LearnedAction Steps to Combat Malicious Code AttacksChapter Eight: Model Training Program for End-UsersExplaining why The Training is ImportantExplaining The Appropriate Use Policy for Computers and NetworksExplaining How the Help Desk and PC Support of the Organization WorksCovering the Basic Do’s and Don’ts of Computer Usage to Prevent AttacksProviding Basic Information about Malicious CodeExplaining How it Identify Potentially Malicious CodeExplaining What Employees Should to do if They Suspect Code is Malicious Explaining What Employees Should Expect From the IT Department During Incident Response.Performing the Administrative Aspects of a Training ProgramAction Steps to Combat Malicious Code AttacksChapter Nine: The Future of Malicious CodeMilitary Style Information WarfareOpen Source Information WarfareMilitancy and Social ActionHomeland Security EffortsAction Steps to Combat Malicious Code AttacksIndexAppendix A: Computer Security Resources

Promotional Information

*Provides step-by-step instructions to follow in the event of an attack
*Case studies illustrate the do's, don'ts, and lessons learned from infamous attacks
*Illustrates to managers and their staffs the importance of having protocols and a response plan in place

About the Author

Michael Erbschloe an information technology consultant, educator, and author. Michael has also taught and developed technology related curriculum for several universities including the University of Denver, and speaks at conferences and industry events around the world. He has authored hundreds of articles on technology and several books including Information Warfare: How to Survive Cyber Attacks.