Malware Responses: What to Do Before, During, and After an Attack
Malware attacks are powerful enough to do some serious damage to businesses, but experts say with proper planning and the right responses serious disasters can be avoided. Businesses should have a telephone contact list if there is a problem regardless of the time of day. It is important for users to know that most attacks are inside jobs. Businesses must make sure they educate their users. Licensed software should always be used with the most current critical patches and all systems should be routinely scanned for viruses, spyware, and Trojans. When an attack takes place, infected or compromised systems must be disconnected from the network and cleaned with anti-malware software. Passwords on every system and server must be changed after an attack and the source IP of the attack must be determined so it does not happen again. Recognizing signals related to an attack such as high network activity, sudden file or disk activity, and the system suddenly slowing down are all warning signs. Management should evaluate their actions on how they handled an attack, then implement suggested changes to make the actions more effective the next time around.
© Copyright 2006 INFORMATION, INC.
Print This Article
E-mail This Article
