Page 1455 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 1455
Malicious Code
Malicious code objects include a broad range of programmed
computer security threats that exploit various network, operating
system, software, and physical security vulnerabilities to spread
malicious payloads to computer systems. Some malicious code objects,
such as computer viruses and Trojan horses, depend on irresponsible
computer use by humans in order to spread from system to system
with any success. Other objects, such as worms, spread rapidly among
vulnerable systems under their own power.
All information security practitioners must be familiar with the risks
posed by the various types of malicious code objects so they can
develop adequate countermeasures to protect the systems under their
care as well as implement appropriate responses if their systems are
compromised.
Sources of Malicious Code
Where does malicious code come from? In the early days of computer
security, malicious code writers were extremely skilled (albeit
misguided) software developers who took pride in carefully crafting
innovative malicious code techniques. Indeed, they actually served a
somewhat useful function by exposing security holes in popular
software packages and operating systems, raising the security
awareness of the computing community. For an example of this type of
code writer, see the sidebar “RTM and the Internet Worm” later in this
chapter.
Modern times have given rise to the script kiddie—the malicious
individual who doesn’t understand the technology behind security
vulnerabilities but downloads ready-to-use software (or scripts) from
the internet and uses them to launch attacks against remote systems.
This trend gave birth to a new breed of virus-creation software that
allows anyone with a minimal level of technical expertise to create a
virus and unleash it upon the internet. This is reflected in the large
number of viruses documented by antivirus experts to date. The
