Protection from Malicious Software (PS-08-021)
PS-08-021 Protections from Malicious Software
Issue Date: 3/20/2008
Effective Date: 3/20/2008
Review Date: 7/1/2018
Malicious software, also known as malicious code and malware, has become the most significant external threat to information systems causing widespread damage and disruption and necessitating extensive recovery efforts causing productivity and financial losses within many organizations. Implementing appropriate mitigation measures should facilitate more efficient and effective malware incident prevention and response activities within state agencies.
This policy establishes the requirement for agencies to protect all state information resources from malicious software.
System Owners shall utilize policy, education and awareness, and technical prevention and detection controls best suited for their environments, to avoid introduction and exploitation of malicious software in state information systems.
RELATED ENTERPRISE POLICIES, STANDARDS, GUIDELINES
NIST SP 800-61, Computer Security Incident Handling Guide
NIST SP 800-83, Guide to Malware Incident Prevention and Handling
NIST SP 800- 28 Guidelines on Active Content and Mobile Code
NIST SP 800-19 Mobile Agent Security
TERMS and DEFINITIONS
Malware, malicious code, malicious software - refers to a program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or operating system or otherwise annoying or disrupting the victim. Major forms of malware include but are not limited to: viruses, virus hoaxes, worms, Trojan Horses, malicious mobile code, blended attacks, spyware, attacker backdoors and toolkits.
- Spyware is malware intended to violate a user’s privacy and monitor personal activities and conduct financial fraud.
- Phishing is a non-malware threat that is often associated with malware, such as using deceptive computer-based means to trick individuals into disclosing sensitive information.
- Virus hoaxes are false warnings of new malware threats.