Playbooks, sometimes known as Standing Operating Procedures (SOP) or runbooks, are used for troubleshooting common issues. They are often created by a team of employees who are trained to manage security issues. Playbooks often include bulleted lists, step-by-step instructions, or diagrams, all of which make it easy to follow troubleshooting instructions. Standing Operating Procedures Standing Operating Procedures Throughout the next 4 weeks, you will develop a playbook for a fictional company that hired you to write their playbooks and manage the team. The first portion of the playbook is a response to malware at the company. Outline a 2- to 3-page playbook in which a malware attack of your choice occurs. Complete the following in your outline: Provide details of the malware. Identify the exploited vulnerability and its attack vector. Analyze the vulnerability to determine 2 risks of this malware. Outline step-by-step instructions on how to resolve the malware attack. Remember,

Standing Operating Procedures – Trojan Horse

Malware’s Details

• Trojan horse is a deceptive code that misleads users of its actual intent.
• The malicious code typically appears to come from a trusted source.
• Its initial presence as a legitimate software was a strategic way of gaining access to the target system.
• The software ultimately seeks to take control of the computer, and the first version of its kind was established in 1975.
• It is usually designed to steal, disrupt, damage, or initiate other harmful actions on the network, system, or data (Easttom, 2019). Our assignment writing help is at affordable prices to students of all academic levels and disciplines.

Exploited Vulnerability and its Attack Vector

• Every system is at the risk of acquiring Trojan malware – However, the less protected computers are the most vulnerable due to the low defensive mechanism.
• The cyber attackers achieve their mission through social engineering whereby one is incited to load an attractive program into their computers.
• It is perpetuated through various means such as a misleading email – One may receive an email masquerading to be from a trusted source. The moment the attachment is clicked, downloaded, and opened, the malware installs automatically.
• Unlike the virus, this malware cannot replicate on its own – Its progression relies on real-time execution by the user.
• Once the Trojan horse is triggered, it accomplishes its intended purpose.
• In most instances, it can progressively run without users’ consent.

Risks of the Malware

• There lies a wide range of vulnerabilities that can expose the company to Trojan attacks, as listed below:
  • Tampered operating systems
  • Tampered webpages
  • Tampered browsers
  • Lack of user education
• A Trojan horse has immense side effects, most of which affect the daily operations of the firm.
• The vulnerabilities mentioned above pave the way for various risks, such as:
  • Data manipulation– The malware can delete users’ data, especially for backdoor Trojan horses. Backdoor Trojan horse is a malicious attack that hands over the system’s control to the remote attacker (Yu, Yalin & Haodan, 2019). This implies that the intruder can potentially perpetrate any desired action, including deleting files, launching, sending, and receiving data. Backdoor intrusion is typically applied to converge a group of systems to form a zombie network. The botnet can then be used to accomplish other criminal events.
  • Disruption of computers and networks – Apart from the data, the Trojan horse further affects the actual systems and connections. This attack is primarily accelerated by the rootkit Trojan horse, which seeks to conceal specific aspects of the system (Yu et al., 2019). This approach ensures that the malicious software is not detected; hence continues to exploit the infrastructure. The infected computers and networks are finally rendered ineffective and might have to be replaced.

Resolving the Malware Attack

• Trojan horse attack can be resolved by:
  • Run an internet security suite – Periodic diagnostic scans are sure ways of validating whether the system is under attack.
  • Identify and remove the program – There are many varieties of Trojan horses, and thus, recognizing the specific type makes it easy for its removal. One should further ensure all foreign extensions are removed from the computer (Easttom, 2019).
  • Update the operating system software – The attackers take advantage of worn-out applications to attack a computer. Outdated programs have many loopholes, which opens the way for further attack and thus should be checked and updated as soon as new versions are released.
  • Install antimalware software – Competitive solutions such as Kaspersky help catch up with the attacks before they manifest further.
  • Restart the system – Having removed all the present attacks and installed necessary protective strategies, it is imperative to restart the system for optimal performance.

References

Easttom, C. (2019). Computer security fundamentals. Pearson IT Certification.

Yu, W., Yalin, Y., & Haodan, R. (2019, October). Research on the Technology of Trojan Horse

Detection. In 2019 12th International Conference on Intelligent Computation Technology an