NIST Malware Incident Prevention and Handling for Desktops and Laptops – Special Publication 800-83
Malware, also known as malicious code, refers to a program that is covertly inserted into another program with the intent to:
- destroy data.
- run destructive or intrusive programs.
- compromise the confidentiality, integrity, or availability of the victim’s data, applications, or operating system.
Malware is the most common external threat to most hosts. It can cause widespread damage and disruption, necessitating extensive recovery efforts within most organizations.
Organizations also face similar threats from a few forms of non-malware threats that are often associated with malware. One of these forms that has become commonplace is phishing, which is using deceptive computer-based means to trick individuals into disclosing sensitive information.
“Malware threats may be a complex incident,” says Douglas Bernardini, Cybersecurity Specialist & Cloud Computing Expert.
This publication provides recommendations for improving an organization’s malware incident prevention measures. The publication also gives extensive recommendations for enhancing an organization’s existing incident response capability so that it is better prepared to handle malware incidents, particularly widespread ones.
This revision of the publication, Revision 1, updates material throughout the publication to reflect the changes in threats and incidents. Unlike most malware threats several years ago, which tended to be fast-spreading and easy to notice, many of today’s malware threats are more stealthy, specifically designed to quietly, slowly spread to other hosts, gathering information over extended periods of time and eventually leading to exfiltration of sensitive data and other negative impacts.
See the full document here:
NIST Malware Incident Prevention Special Publication 800-83