Up One Level



Term coined by hacker, turned spook, Dan Edwards. A Trojan Horse is a malicious, security-breaking program that is disguised as something benign, such as a directory lister, archiver, game or, in one notorious 1990 case on the Apple Macintosh, a program to search and destroy viruses! A Trojan is a type of virus which normally requires a user to perform some action before the payload can be activated. Famous examples include the latest (May 2000) attack by a virus known as 'Resume' in which an E-mail is received with an attachment which purports to be the CV of a lady seeking employment. A CV is actually attached, but embedded within it is a macro-virus which activates the Trojan program as soon as the document is opened for viewing. If the attachment is not opened, the virus cannot deliver the payload and no damage is done.

A basic defence against all viruses is a strict organisation policy that E-mail attachments should not be opened until they have been checked by an anti-virus scanner and then only if they originate from a known, reliable, source (even other known users may be infected). Any attachment which does not meet these criteria should be saved to a floppy disk and passed to your anti virus software vendor's investigation team to investigate. Meanwhile the original E-mail message with its attachment must be deleted from the user's system.

*** The Information Security Glossary ***
Previous PageTop of this pageNext Page

Buy Now:


This Glossary forms part of the RUsecure Security Policy Suite... visit RUsecure Security Policy World
Use of the guidance contained within RUsecure™ is subject to the End User Licence Agreement
This site created with EasyHTMLHelp(tm) for MS Word
 Risk Associates: Resources for Security Risk Analysis, ISO 17799 / BS7799, Security Policies and Security Audit