Malware is a common name for various kinds of malicious software that affect computer systems, whether personal or institutional. Such software takes the form of code, links, or files created by cyberattackers. Malware causes extensive damage to systems and the data they contain. It is also designed to give attackers unauthorized access to networks, which may lead to access to personal and financial data. When a company realizes that its servers are infected by malware, it should follow specific steps to ensure that the malware is contained with minimal damage.
Updating the file level of the server and using high-level antivirus software for all users in an organization is not enough to avoid malware attacks. In case of a malware attack, cleaning the malware-infected server is easy for organizations that follow specific steps (Zeltser, 2015). First, they should stop the SMTP traffic flow by cutting off communications between the mail servers and the internet. Cutting off these communications prevents the organization's server from spreading infected messages to the outside and stops any messages from coming into the server until the infection is eradicated. SMTP traffic can be stopped by configuring the organization's SMTP connector so that it does not deliver any mail. After stopping the SMTP traffic, the organization might consider disabling the SMTP virtual servers too.
Secondly, the organization should keep its users out of Exchange while it disinfects the servers. The easiest way to do this is by unplugging any network cable from the server (Lim & Swinson, 2015). This step ensures that nobody in the organization sends or receives any data until the organization has eliminated the malware and is ready for such activity. Thirdly, the organization should freeze its message queues. This step allows the message queues to be cleaned by deleting unwanted messages. Emails should be recalled, with the recipients asked to destroy any copies and links that were posted by mistake. After all unwanted messages are deleted, all compromised accounts should have a password reset, with users being advised to change their details.
Fourth, the organization should locate infected messages and remove them. An assessment should be done in which the organization identifies what has been infected. Where it is hard to establish which data has been compromised, a conservative estimate should be made (Derbeko, Natanzon, Harel, Ram & Saad, 2018). The organization should also assess how specific data could be used against the victims in the organization. If personal data has been extracted and can be used for criminal activities, the breach is treated as more severe. After the queues are disinfected, the mailboxes on the server may still contain infected messages. The organization should scan every employee's mailbox using an Exchange-aware antivirus so that all mailboxes are disinfected automatically. This should be done before allowing any users in the organization to start using the server again.
The last step is to return the organization's server to a working state. This is done by enabling mail to flow again and unfreezing any frozen queues (Lim & Swinson, 2015). The SMTP virtual server is enabled, the connection time for the SMTP connector is set back to an Always Run state, and then the network cable is plugged in again. This allows users to start accessing the server again.
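The following runbook sketch is an added example, not part of the original essay or its sources, and shows the software side of the steps above (stop SMTP traffic, freeze queues, remove infected queued messages, restore). It assumes the Exchange Management Shell on an on-premises Exchange 2010 or later transport server, where send and receive connectors take the place of the SMTP connector and SMTP virtual servers; the indicator string and the `C:\IR` working directory are constructed placeholders.

```powershell
# Added example: phased containment and recovery for a mail server.
# Step 2 (unplugging the network cable) is physical and is not scripted.
param(
    [ValidateSet('Contain', 'Clean', 'Restore')]
    [string]$Phase = 'Contain',
    [string]$Indicator = 'PLACEHOLDER-infected-subject',  # constructed value
    [string]$WorkDir = 'C:\IR'                            # hypothetical path
)
$stateFile = Join-Path $WorkDir 'connector-state.xml'
$auditFile = Join-Path $WorkDir 'removed-messages.csv'

switch ($Phase) {
    'Contain' {
        New-Item -ItemType Directory -Path $WorkDir -Force | Out-Null
        # Record which connectors were enabled, so Restore re-enables only those.
        $state = @{
            Send    = @(Get-SendConnector    | Where-Object { $_.Enabled } | ForEach-Object { "$($_.Identity)" })
            Receive = @(Get-ReceiveConnector | Where-Object { $_.Enabled } | ForEach-Object { "$($_.Identity)" })
        }
        $state | Export-Clixml -Path $stateFile
        # Step 1: stop SMTP traffic in both directions.
        $state.Send    | ForEach-Object { Set-SendConnector    -Identity $_ -Enabled $false }
        $state.Receive | ForEach-Object { Set-ReceiveConnector -Identity $_ -Enabled $false }
        # Step 3: freeze the queues so nothing already accepted is delivered.
        Get-Queue | Suspend-Queue -Confirm:$false
    }
    'Clean' {
        # Step 4 (queues only): find queued messages matching the indicator,
        # write an audit record, then delete them without sending an NDR.
        $pattern = '*' + [System.Management.Automation.WildcardPattern]::Escape($Indicator) + '*'
        $hits = @(Get-Queue |
            ForEach-Object { Get-Message -Queue $_.Identity -ResultSize Unlimited } |
            Where-Object { $_.Subject -like $pattern })
        $hits | Select-Object Identity, FromAddress, Subject, DateReceived, Queue |
            Export-Csv -Path $auditFile -NoTypeInformation
        $hits | ForEach-Object { Remove-Message -Identity $_.Identity -WithNDR $false -Confirm:$false }
        "Removed $($hits.Count) queued message(s); audit log: $auditFile"
    }
    'Restore' {
        # Step 5: unfreeze queues, then re-enable the connectors recorded earlier.
        $state = Import-Clixml -Path $stateFile
        Get-Queue | Resume-Queue -Confirm:$false
        $state.Send    | ForEach-Object { Set-SendConnector    -Identity $_ -Enabled $true }
        $state.Receive | ForEach-Object { Set-ReceiveConnector -Identity $_ -Enabled $true }
    }
}
```

The mailbox scan from the fourth step is left to the Exchange-aware antivirus product and should finish before the `Restore` phase is run.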
With the increasing levels of technology worldwide, there have been many cases of malware attacks on the servers and systems of different organizations. Each company needs an anti-malware program installed on its servers and networks to ensure that unauthorized access to data and hacking of sensitive information do not happen. However, this security measure is not always practical, which is why every organization should follow the above steps to deal with malware attacks when they occur.
Derbeko, P., Natanzon, A., Harel, Y., Ram, H., & Saad, Y. (2018). U.S. Patent No. 9,940,460. Washington, DC: U.S. Patent and Trademark Office.
Lim, C., & Swinson, M. (2015). Five steps to respond to a security breach. Retrieved 30 September 2019, from https://www.cio.com.au/article/580908/5-steps-respond-security-breach/
Zeltser, L. (2015). 4 Steps To Combat Malware Enterprise-Wide. Retrieved 30 September 2019, from https://zeltser.com/malware-in-the-enterprise/
Cite this page
Malware: Common Threat to Computer Systems & Data - Essay Sample. (2023, Feb 23). Retrieved from https://proessays.net/essays/malware-common-threat-to-computer-systems-data-essay-sample