Overview

Malicious software, or “malware” is software that is designed to cause harm to information systems and is one of the biggest challenges organizations face in maintaining cyber hygiene. Malware exploits weaknesses and vulnerabilities to make software or hardware perform actions not originally intended. Firewalls and other perimeter security devices are designed to protect the organization’s internal network from unauthorized access and malicious attacks. Malware is designed to trick users who have authorized access into running code that provides the attacker access to restricted resources in the internal network. One of the most successful strategies used by malware is to disable host security products, including anti-virus (AV) software. While some anti-virus software has its own control panel for managing host security, reports from the software can be spoofed back to end users and system administrators. In most cases, the report states that the software is installed, but malware has been known to disable AV software while leaving one file or registry entry untouched, so the parent control panel still reports the software as being functional without it actually being operational.