Done
Discount Ans
informationassurance1.pptxInformation assurance
Student name
Professor
Course
Date of submission
Malware analysis is the process of identifying potential threats
The threats can cause harm and damage to the computer
Information assurance is ensuring that the information is protected from potential vulnerabilities.
Malware analysis in a key strategy in enhancing information assurance (Bansal, 2019).
Introduction
Malware analysis is the process of identifying the cause of any potential threat that could have caused harm to information technology or computer systems. Malware is a piece of software intended to cause harm to the system and network. Malware analysis is crucial in ensuring that information is assured and safe from potential attacks. Malware is a key threat to essential information since it has the ability to spread itself in the network, cause changes, remain undetectable, and damage the infected system or network. They can bring down the performance of the machine and cause crucial destruction of networks. When a computer
2
Confidentiality
Non-repudiation
Integrity
authentication
Principles of information assurance
Malware analysis is crucial in ensuring that the information is assured of safety and kept accessible by the relevant users (Sihwail et al., 2018). It is a key measure in defending and protecting information and its systems by enhancing integrity, authentication, confidentiality, non-repudiation, and availability. Information assurance is quite different from cybersecurity since it is a more established disciplined with a wider focus on non-digital and digital information protection of assets such as hard copy records. The document below contains a qualitative analysis of information assurance on malware analysis.
3
They assist organizations identify key vulnerabilities
Provides relevant information about potential threats
Assist in developing management plan for mitigating potential malware
Aids in detecting software defects and vulnerabilities
Importance of risk assessment information assurance during malware analysis
Importance of risk assessment information assurance during malware analysis
4
Ransomware
Malware
Spyware
Adware
Worm
Virus
Trojan horses (Chaed, 2019).
Malware threats that can affect information assurance
There are six common types of malware threats that mostly attack computer information systems. The types include viruses, Trojan horses, ransomware, adware, spyware, and adware. Viruses are designed to damage the target device or computer by corrupting the data present or fully shutting down the system. Cybercriminals are used to steal information, harm networks, and computer, develop botnets, and render crucial information (Cambou et al., 2018). Computer viruses are from human actions meant to infect computers and mobile devices, and they are spread often through internet downloads and email attachments.
5
It provides the user with information needed to respond to threats
ensure that the infected systems and files are located.
. It assists in accessing the extent to which a particular malware can affect information assurance
. Malware analysis is a crucial element in developing host-based and network signatures
Importance of malware analysis on information assurance
Malware analysis is crucial since it provides the user with the information needed to respond to specific network intrusions. The analysis goals are to determine what occurred and ensure that the infected systems and files are located. It assists in accessing the extent to which a particular malware can affect information assurance. After identifying the affected information files, the user develops signatures to detect malware infections in the network. This will reduce further damage apart from the one existing
6
it is important to develop strategies that will enhance information assurance.
The business should implement multiple layers of security to enhance the protection of data.
There should be the implementation of firewalls in conjunction with updates and patch management.
The systems and networks should be monitored regularly to enhance detection and response at earlier stages
information assurance from malware analysis
After conducting a malware analysis and detecting the potential vulnerabilities and threats, it is important to develop strategies that will enhance information assurance. The business should implement multiple layers of security to enhance the protection of data. The layers include end-user training, antivirus software, ant-malware, and email, as wells as web filtering. There should be the implementation of firewalls in conjunction with updates and patch management. The systems and networks should be monitored regularly to enhance detection and response at earlier stages. Layered approaches are important since they ensure that all potential entrants are protected. For instance, firewalls may prevent hackers from gaining access to the network.
7
Email, as wells as web filtering
end-user training
Equipping systems with antiviruses software's
Types of malware mitigation strategies
The business should implement multiple layers of security to enhance the protection of data. The layers include end-user training, antivirus software, ant-malware, and email, as wells as web filtering. There should be the implementation of firewalls in conjunction with updates and patch management. The systems and networks should be monitored regularly to enhance detection and response at earlier stages
8
Can lead to damage of information systems
Can lead to loss of sensitive data
can lead to massive losses in case of ransomware attack
Unauthorized parties can gain access to information thus leading to lack of integrity (Hiran V. Nath, 2018).
Impact of malware attacks to information assurance
Adware is aggressive advertising software that appears on the user's computer screen. Malicious adware has the potential of collecting data n, changing internet browser settings, and redirecting to advertising sites. The adware is obtained from the browser's vulnerability. There exists legitimate adware, but it asks for permission before collecting data from the user. Ransomware is the final type of malware (Paranthaman, 2017). It is very popular and known for generating a large amount of money for cybercriminals. It works by captivating the user's data and demands payment to release the data back to the user. It also restricts the user from accessing their data by locking down the system. The cybercriminals display messages forcing the user to make payments to gain back access to the computer and release restrictions. After payment, the computer transforms back to its original state.
9
The business should not forget the end-users despite the effectiveness of the layer approaches.
94% of the malware attacks are executed through emails, which implies that business security is based on its end-users.
End-user training is important to ensure data assurance
Passwords and logins should only be provided to authorized users(Zhang, 2017).
end-users
Back options are necessary to gain back access to crucial data after a ransomware attack. The business should not forget the end-users despite the effectiveness of the layer approaches. 94% of the malware attacks are executed through emails, which implies that business security is based on its end-users. There are several types of malware attacks that include viruses, Trojan horses, ransomware, adware, spyware, and adware.
10
organizations should create a disaster and business continuity plan
The plans ensure protection of assured information after attack
There are several types of malware attacks that include viruses, Trojan horses, ransomware, adware, spyware, and adware.
Malware analysis is crucial since it provides the user with the information needed to respond to specific network intrusions (Chaed, 2019).
conclusion
In summary, organizations should create a disaster and business continuity plan to protect the assured information after malware attack incidences. Back options are necessary to gain back access to crucial data after a ransomware attack. The business should not forget the end-users despite the effectiveness of the layer approaches. 94% of the malware attacks are executed through emails, which implies that business security is based on its end-users. There are several types of malware attacks that include viruses, Trojan horses, ransomware, adware, spyware, and adware. They are threats to the efforts of ensuring information assurance since they can gain access to information systems. Malware analysis is crucial since it provides the user with the information needed to respond to specific network intrusions. The analysis goals are to determine what occurred and ensure that the infected systems and files are located.
11
References
Bansal, D. (2019). (PDF) Malware analysis and classification: A survey. ResearchGate. https://www.researchgate.net/publication/276495476_Malware_Analysis_and_Classification_A_Survey
Chaed, E. W. (2019, May 20). Cybersecurity spotlight - Malware analysis. CIS. https://www.cisecurity.org/spotlight/cybersecurity-spotlight-malware-analysis/
Hiran V. Nath. (2018). Static malware analysis using machine learning methods. SpringerLink. https://link.springer.com/chapter/10.1007/978-3-642-54525-2_39
Zhang, E. (2017, November 13). What is malware analysis? Defining and outlining the process of malware analysis. Digital Guardian. https://digitalguardian.com/blog/what-malware-analysis-defining-and-outlining-process-malware-analysis
References
12
