HP Access Control Client Software manual Malware

Customer Needs Assessment

Vulnerability to Attacks

Malware

This broad, general term describes software that is at best a nuisance and at worst destructive to your network devices. Any software designed to use network resources or infiltrate network devices without the knowledge or consent of the device owner is considered malware.

You must protect your network against several types of malware.

Adware. This software displays unwanted pop-up ads on an infected end- point. Although this type of malware may seem innocuous, the number and repetition of the ads can disrupt productivity and drain network bandwidth. Some adware programs are extremely difficult to uninstall or remove. Adware is usually installed using a Trojan.

Spyware. Similar to adware, spyware is often installed on an endpoint as part of a seemingly legitimate program. It, too, is often very difficult to find and remove once installed and is much more sinister than adware. Rather than simply displaying unwanted ads, spyware can keep a record of Web sites visited, keystrokes, and other personal information. This information can then be used for identity theft or illegitimate network access. A single network endpoint infected with spyware can compromise an entire network.

Rootkits. A rootkit consists of several programs that are secretly installed on a network device after it has been successfully attacked. These programs allow an attacker to open network backdoors and steal personal or network information. What makes rootkits such a threat is that they are extremely difficult to detect and even more difficult to remove. And they give hackers the tools to spread an attack throughout a network.

Trojan Horses. A method for spreading malware, Trojans (Trojan horses) are programs that offer desirable software enhancements and applications. However, these programs also include adware, spyware, or other malware as an implicit part of the software package. Trojan programs are never explicitly labeled as such. For example, free downloads on the Internet often serve as Trojans, but any adware installation notification may be missing or obscured in an overly complex end-user license agreement.

Assessing Vulnerabilities to Malware. Malware can cause serious dam- age to a network. In some cases, malware is able not only to steal secrets, disrupt network functioning, and annoy users, but also to completely destroy all software on network devices.

2-21