MTICS

To penetrate a remote computer and run your copy of Worms use various techniques: social engineering (eg, text, email, encourages open the attached file), failures in the network configuration (eg, disk-based, open for full access), errors in the security services, operating systems and applications. Some worms also possess properties of other types of malicious software. For example, some worms, Trojan horses contain functions or are able to infect executable files on local disk, ie, they are the property of the Trojan programs and / or computer virus. Classic computer viruses in this category are programs that spread copies of itself to resources on the local computer to: the subsequent launch of its code with any actions the user; further introduction to other computer resources. Unlike worms, viruses do not use network services to penetrate other computers.

A copy of the virus gets to the remote computers only if an infected object, for whatever does not depend on the functional reasons, the virus is activated on another computer, for example: when infection drives available virus penetrated files located on a network resource; virus has copied itself to removable media or infected files on it; a user sends an email with an infected attachment. Some viruses contain the properties of other types of malicious software, such as a backdoor Trojan component procedure or destruction of data on the disk. Trojans in this category include programs performing various unauthorized actions: information collection and transfer of an attacker, its destruction or malicious modification, computer malfunction, the use of computer resources in wrong purposes. Certain categories of Trojans cause damage to remote computers and networks, without violating the performance of the infected computer (such as Trojan programs designed for massive DoS-attacks on remote network resources). Keylogger and other malicious programs in this category include: Tools to automate the creation of viruses, worms and Trojans (designers); software libraries, designed to create malicious software; hacking tools hide the code of infected files from the antivirus scan (File Encryption); bad jokes" that make it difficult to work with a computer; programs to report user false information about his actions in the system; Other programs, one way or another intentionally cause direct or indirect damage to this or remote computers.

In November 2009, "Security Code", group companies InformZaschita, expanded its presence in three federal districts: Northwest, Urals and Far East. The responsibilities of regional Representatives Vadim Kropotov started in St. Petersburg, Nikolai Reviztsev in Yekaterinburg and Vladivostok Alexander Sklar. "All regional representatives – are experienced professionals in the field of information security, which for many years successfully represented a group of companies InformZaschita "- said General Director of Security Code" Alexander Shirmanov. – "In connection with the release of" security code " as a developer of information security as a separate company, group companies, it was decided to focus their activities on promoting the products of "security code" to reinforce the position of the new brand Russian regions, where we see significant interest in our products. " The objectives include the promotion of regional representatives of food "security code" in these districts, planning and conducting events with presentations and technical demonstrations of the company's products for customers and partners in these regions.

Expanding its presence in the regions due to the company's plans "Security Code" on the issue and distribution line of new products developed in accordance with the requirements FSTEK Russia to protect information systems processing personal data in connection with the law 152-FZ "On personal data". Understanding need to ensure the availability of certified information security tools for regional organizations – operators of personal data, the regional representatives of the security code "aimed at priority promoting innovative solutions to protect company ISPDn, virtual infrastructures, distributed network of IT infrastructures. Contact the regional representatives are published on the official site Company Code Security "Company" Security Code "- a Russian developer of software and hardware to ensure security of information systems, as well as their compliance with international and industry standards. The company offers a comprehensive information security solutions certified by technical means are used to protect confidential information, commercial and state secrets, ensure compliance of systems of personal data processing requirements of the legislation. "Security Code" is committed to providing customers with quality solutions for any problems information security, both traditional and emerging in the development of high technology. More than 400 authorized partners "Security Code" deliver products and support companies in 70 Russian regions. "Security Code" is a company InformZaschita (www.infosec.ru), which specializes in security of information systems and more than 10 years, is the leader of the Russian market of information security. OOO "Security Code" has been operating under licenses FSTEK Russia and Russia's FSB.

As a recommendation – is to use special key-tokens where all the keys and passwords in an encrypted form. It is also very good, when this token is also a pass into the room (the building), then the employee returned back to the bathroom to pull with a key (except back into the room you will not get), and for removing the key computer immediately blocked (this is on by default, but can be customized). Law number 8. Outdated antivirus software is only slightly better than its absence is indeed the case. But it is important to add: anti-virus software should have functions of heuristics and submit suspicious files directly to the antivirus company, alerting the administrator. It is necessary then that the recently intensified attacks on the company writing the specific viruses. Since this virus (trojan) was written specifically for ogrganizatsiyu, the antivirus software on it still does not know anything. And if there is no quick and proper reaction, may be too late.

You should also disable signatures in email messages that the files are updated so some antivirus software. Which antivirus is used should remain a mystery (though a needle in a haystack can not hide). Also is recommended to use some antivirus software on different machines – but it must be properly thought through, as it can greatly complicate the maintenance (and hence the response to the problem). Law number 9. Absolute anonymity Unattainable in life or on the Internet This law simply ignored. Are also encouraged to simply prohibit the many services in the workplace as well as combining some information comparing the ip addresses of users so that they write, you can collect enough information to break into the organization.

The prohibition of online services is often associated with the payment of working time, rather than with safety. (Suppose, for example, a worker spends on the forum just 15 minutes working time – in fact much more – but it's been 15 * 5 = 1 hour and 15 minutes per week, or 5 hours a month. That is a month rabotkin loses at least one full working day (and it's only 15 minutes)) Act number 10. Technology is not panacea here, too, can add little. Technology is constantly changing and every bolt is tricky its a tricky nut. Therefore, the cost of hacking should be constantly reassessed, should be constantly institutional arrangements, aimed at security, and software updates technical foundation. Well, you want to learn and understand how it works one or another program or service and where it has weaknesses.