Malware Prevention
Malware is the catch-all term for any code or suspicious content that could have a malicious or unwanted impact on systems. Any
exchange of information carries a degree of risk of exposing your business to malware, which could affect your systems
and operations. This risk can be reduced by implementing appropriate controls as part of a 'defence in depth' approach.
Common Malware Vectors
Malware can arrive through any available channel, but infections are most commonly introduced through:
- Email: still provides a primary path for internal and external information exchange. Malicious email attachments can cause their
payload to be executed when the attached file is opened or processed. Email with malicious content may be specifically targeted at
known individuals (phishing), or may redirect victims to malware hosted on malicious web-content.
- Removable Media: Malware can be transferred to a business system through the uncontrolled introduction of removable media
(CD-ROM, DVD, USB) or through the connection of untrusted devices.
- Web browsing/services: Users could browse directly (or be directed) to websites that contain malicious content which seeks to
compromise the user's browser or browser plugins.
How can the risk be managed?
Blacklist malicious web sites: Ensure that the perimeter gateway uses blacklisting to block known malicious sites.
Manage all data import and export: All data should be scanned for malicious content at the network perimeter, whether that is the internet
gateway or systems that can introduce removable media.
Develop and implement anti-malware policies
Provide dedicated media scanning operations: Standalone workstations can be provided and equipped with appropriate anti-virus tools.
The workstation should be capable of scanning the content held on any type of removable media and of inspecting content nested
recursively within files.
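The recursive inspection described above, as an added example that is not part of the original guidance: every file is hashed and checked against a blocklist, and ZIP archives are unpacked in memory and scanned member by member. The SHA-256 blocklist stands in for an anti-virus engine, and `MAX_DEPTH`, `MAX_MEMBER_BYTES` and all function names are assumptions chosen for illustration.

```python
import hashlib
import io
import zipfile

MAX_DEPTH = 5                         # assumed cap on archive nesting
MAX_MEMBER_BYTES = 50 * 1024 * 1024   # assumed cap on one unpacked member

def scan_bytes(name, data, blocklist, depth=0):
    """Return (path, verdict) findings for a file and everything nested in it."""
    findings = []
    if hashlib.sha256(data).hexdigest() in blocklist:
        findings.append((name, "blocklisted"))
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return findings
    if depth >= MAX_DEPTH:
        # Stop unpacking: unbounded nesting would let one file exhaust the scanner.
        findings.append((name, "nesting-too-deep"))
        return findings
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            path = f"{name}!{info.filename}"
            if info.is_dir():
                continue
            if info.flag_bits & 0x1:
                # Encrypted members cannot be inspected, so flag them for review.
                findings.append((path, "encrypted-unscannable"))
                continue
            with zf.open(info) as fh:
                member = fh.read(MAX_MEMBER_BYTES + 1)  # bounded read
            if len(member) > MAX_MEMBER_BYTES:
                findings.append((path, "too-large"))
                continue
            findings.extend(scan_bytes(path, member, blocklist, depth + 1))
    return findings

def make_zip(members):
    """Build a ZIP in memory from {filename: bytes} for the constructed sample."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for fname, content in members.items():
            zf.writestr(fname, content)
    return buf.getvalue()

def demo():
    # Constructed sample: a harmless byte string stands in for a known-bad file.
    bad = b"constructed sample standing in for a known-bad file"
    blocklist = {hashlib.sha256(bad).hexdigest()}
    inner = make_zip({"payload.bin": bad})
    outer = make_zip({"docs/readme.txt": b"hello", "inner.zip": inner})
    return scan_bytes("usb.zip", outer, blocklist)
```

Members that cannot be inspected (encrypted, oversized or nested too deeply) are reported rather than silently passed, so the operator of the scanning workstation can decide whether to release them.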
Establish malware defences:
- End user device protection
- Install firewalls
- Deploy content filtering
- Deploy anti-virus
- Disable browser plugins
- Disable AutoRun
- Ensure systems are patched & up-to-date
User education and awareness
Users should understand the risks from malware and the day-to-day processes they can follow to help prevent a malware infection from
occurring. Training should contain the following:
- Think before you click
- Do not attach untrusted devices to the business network or assets
- Report any strange or suspicious system behaviour
- Maintain awareness of incident reporting