NIST Special Publication 500-166 Allia3 imfiB? NATTL INST OF STANDARDS & TECH R.I.C. A11 103109837 Computer Viruses and Technolo^ Related Threats: U.S. DEPARTMENT OF COMMERCE National Institute of A Management Guide Standards and Technology John P. Wack Lisa J. Camahan NIST PUBLICATIONS HP Jli m m QC - — 100 U57 500-166 1989 C.2 rhe National Institute of Standards and Technology^ was established by an act of Congress on March 3, 1901. The Institute's overall goal is to strengthen and advance the Nation's science and technology and facilitate their effective application for public benefit. To this end, the Institute conducts research to assure interna- tional competitiveness and leadership of U.S. industry, science and technology. NIST work involves development and transfer of measurements, standards and related science and technology, in support of continually improving U.S. productivity, product quality and reliability, innovation and underlying science and engineering. The Institute's technical work is performed by the National Measurement Laboratory, the National Engineering Laboratory, the National Computer Systems Laboratory, and the Institute for Materials Science and Engineering. The National Measurement Laboratory Provides the national system of physical and chemical measurement; Basic Standards^ coordinates the system with measurement systems of other nations Radiation Research and furnishes essential services leading to accurate and imiform Chemical Physics physical and chemical measurement throughout the Nation's scientific Analytical Chemistry community, industry, and commerce; provides advisory and research services to other Government agencies; conducts physical and chemical research; develops, produces, and distributes Standard Reference Materials; provides calibration services; and manages the National Standard Reference Data System. The Laboratory consists of the following centers: The National Engineering Laboratory Provides technology and technical services to the public and private Computing and Applied sectors to address national needs and to solve national problems; Mathematics conducts research in engineering and applied science in support of these Electronics and Electrical efforts; builds and maintains competence in the necessary disciplines Engineering^ required to carry out this research and technical service; develops engi- Manufacturing Engineering neering data and measurement capabilities; provides engineering measure- Building Technology ment traceability services; develops test methods and proposes engi- Fire Research neering standards and code changes; develops and proposes new Chemical Engineering^ engineering practices; and develops and improves mechanisms to transfer results of its research to the ultimate user. The Laboratory consists of the following centers: The National Computer Systems Laboratory Conducts research and provides scientific and technical services to aid Information Systems Federal agencies in the selection, acquisition, application, and use of Engineering computer technology to improve effectiveness and economy in Govern- Systems and Software ment operations in accordance with Public Law 89-306 (40 U.S.C. 759), Technology relevant Executive Orders, and other directives; carries out this mission Computer Security by managing the Federal Information Processing Standards Program, Systems and Network developing Federal ADP standards guidelines, and managing Federal Architecture participation in ADP voluntary standardization activities; provides scien- Advanced Systems tific and technological advisory services and assistance to Federal agencies; and provides the technical foundation for computer-related policies of the Federal Government The Laboratory consists of the following divisions: The Institute for Materials Science and Engineering Conducts research and provides measurements, data, standards, refer- Ceramics ence materials, quantitative understanding and other technical informa- Fracture and Deformation^ tion fundamental to the processing, structure, properties and perfor- Polymers mance of materials; addresses the scientific basis for new advanced Metallurgy materials technologies; plans research around cross-cutting scientific Reactor Radiation themes such as nondestructive evaluation and phase diagram develop- ment; oversees Institute-wide technical programs in nuclear reactor radiation research and nondestructive evaluation; and broadly dissem- inates generic technical information resulting from its programs. The Institute consists of the following divisions: 'Headquarters and Laboratories at Gaithersburg, MD, unless otherwise noted; mailing address Gaithersburg, MD 20899. ^ome divisions within the center are located at Boulder, CO 80303. ' Located at Boulder, CO, with some elements at Gaithersburg, MD. A|/^ ^ NIST Special Publication 500-1 66 ' Computer Viruses and '^^^ Related Threats: A Management Guide John P. Wack Lisa J. Garnahan National Computer Systems Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899 August 1989 NOTE: As of 23 August 1988, the National Bureau of Standards (NBS) became tine National Institute of Standards and Technology (NIST) when President e. Reagan signed into law the Omnibus Trade and Competitiveness Act. U.S. DEPARTMENT OF COMMERCE Robert A. Mosbacher, Secretary NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY Raymond G. Kammer, Acting Director NIST Reports on Computer Systems Technology The National Institute of Standards and Technology (NIST) (formerly the National Bureau of Standards) has a unique responsibility for computer systems technology within the Federal government. NIST's National Computer Systems Laboratory (NCSL) develops standards and guidelines, provides technical assistance, and conducts research for computers and related telecommunications systems to achieve more effective utilization of Federal information technology resources. NCSL's responsibilities include development of technical, management, physical, and administrative standards and guidelines for the cost-effective security and privacy of sensitive unclassified information processed in Federal computers. NCSL assists agencies in developing security plans and in improving computer security awareness train- ing. This Special Publication 500 series reports NCSL research and guidelines to Federal agencies as well as to organizations in industry, government, and academia. Library of Congress Catalog Card Number: 89-600750 National Institute of Standards and Technology Special Publication 500-166 Natl. Inst. Stand. Technol. Spec. Publ. 500-166, 44 pages (Aug. 1989) CODEN: NSPUE2 U.S. GOVERNMENT PRINTING OFFICE WASHINGTON: 1989 For sale by the Superintendent of Documents, U.S. Government Printing Office, Washington, DC 20402 Computer Viruses and Related Threats Table of Contents Executive Summary v 1. Introduction 1-1 1.1 Audience and Scope 1-1 1.2 How to Use This Guide 1-2 2. A Brief Overview on Viruses and Related Threats 2-1 2.1 Trojan Horses 2-1 2.2 Computer Viruses 2-2 2.3 Network Wornis 2-4 2.4 Other Related Software Threats 2-6 2.5 The Threat of Unauthorized Use 2-6 3. Virus Prevention in General 3-1 3.1 User Education 3-2 3.2 Software Management 3-3 3.3 Technical Controls 3-5 3.4 General Monitoring 3-6 3.5 Contingency Planning 3-7 4. Virus Prevention for Multi-User Computers and Associated Networks 4-1 4.1 General Policies 4-1 4.2 Software Management 4-2 4.3 Technical Controls 4-3 4.4 Monitoring 4-5 4.5 Contingency Planning 4-7 4.6 Associated Network Concerns 4-8 5. Virus Prevention for Personal Computers and Associated Networks 5-1 5.1 General Policies 5-2 5.2 Software Management 5-2 5.3 Technical Controls 5-3 5.4 Monitoring 5-5 5.5 Contingency Planning 5-6 5.6 Associated Network Concerns 5-7 iii Computer Viruses and Related Threats References Suggested Reading B-1 iv Computer Viruses and Ri-laied Threats Executive Summary Executive Summary Computer viruses and related threats represent an increasingly serious security problem in compuiing systems and networks. This document presents guidelines for preventing, deterring, containing, and recovering from attacks of viruses and related threats. This section acquaints senior management with the nature of the problem and outlines some of the steps that can be taken to reduce an organization's vulnerability. What Are Computer Viruses and Related Threats? Computer viruses are the most widely recognized example of a class of programs written to cause some form of intentional damage to computer systems or networks. A computer virus performs two basic functions: it copies itself to other programs, thereby infecting them, and it executes the instructions the author has included in it. Depending on the author's motives, a program infected with a virus may cause damage immediately upon its execution, or it may wait until a certain event has occurred, such as a particular date and time. The damage can vary widely, and can be so extensive as to require the complete rebuilding of all system software and data. Because viruses can spread rapidly to other programs and systems, the damage can multiply geometrically. Related threats include other forms of destructive programs such as Trojan horses and network worms. Collectively, they are sometimes referred to as malicious software. These programs are often written to masquerade as useful programs, so that users are induced into copying them and sharing them with friends and work colleagues. The malicious software phenomena is fundamentally
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages52 Page
-
File Size-