Michael Davis, Sean M. Bodmer and Aaron LeMasters | Reviewed by Vishnu Kanhere, Ph.D., CISA, CISM, AICWA, CFE, FCA, IRCA, ISO 9001:2000 QMS Prov. Auditor
Hacking Exposed: Malware and Rootkits is a useful reference book that gives a unique insight into the techniques behind malware and rootkits. It is a must-read for those responsible for security and a useful addition to the business library.
Malware, rootkits and online attacks are a growing menace faced by everyone who goes online. Going by their proliferation in terms of numbers, reach, intensity and severity, these attacks are on their way to becoming a significant threat to the IT resources of businesses, individuals and nations across the world.
Given the easy availability of online tools and resources to infiltrate and hijack systems, it is important for everyone—especially information security professionals, information systems auditors and those in charge of IT governance— to understand these threats and the damage that they can cause and to learn the countermeasures and defenses available against them.
Hacking Exposed: Malware and Rootkits is a very good resource that focuses on malicious threats such as embedded code, pop-ups, keylogging, rootkits, zombies and bots. It gives detailed information on the latest intrusion detection, firewall, honeynet, antivirus, antirootkit and antispyware technologies.
The book is well written and provides a holistic perspective of the threats, issues and solutions. It also has rich references and resources for readers to learn more about areas of interest or for when situations demand more information.
Positive features of the book include helpful case studies and summaries of countermeasures for each kind of threat. These features are useful to the student, academic and practitioner.
The target audience is information security professionals, system administrators and computer users. It is a valuable resource for the knowledgeable user and for the novice. A good reference for information security managers, security analysts, systems developers, auditors and consultants, it provides useful details in sufficient depth.
Hacking Exposed: Malware and Rootkits is not industry-specific and addresses all sectors of business, industry and public/government sectors, as computer incidents involving malware and rootkits affect all sections in all organizations.
The book is composed of three parts. Part I has two chapters that cover malware methods of infection and malware functionality. Part II consists of four chapters and covers rootkits— user mode, kernel mode, virtual rootkits and the future of rootkits. Part III has five chapters that deal with prevention technologies—antivirus, host protection systems, host-based intrusion prevention, rootkit detection and general security practices. The material is well organized in these three sections with appropriate figures, tables, notes and charts. The appendix provides system integrity analysis, and, while the security methodologies are not cross-referenced, a useful index is provided.
The presentation of Hacking Exposed: Malware and Rootkits is such that it will be of use to the novice, student and seasoned practitioner, and, therefore, it is a recommended good read for those interested in information security.
Hacking Exposed: Malware and Rootkits is available from the ISACA Bookstore. For information, see the ISACA Bookstore Supplement in this Journal, visit www.isaca.org/bookstore, e-mail [email protected] or telephone +1.847.660.5650.
Reviewed by Vishnu Kanhere, Ph.D., CISA, CISM, AICWA, CFE, FCA, IR CA, ISO 9001:2000 QMS Prov. Auditoran expert in software valuation, IS security and IS audit. A renowned faculty member at several management institutes, government academies and corporate training programs, Kanhere is a member of the Sectional Committee LITD 17 on Information Security and Biometrics of the Bureau of Indian Standards. He is currently newsletter editor and academic relations, standards and research coordinator of the ISACA Mumbai Chapter; member of the ISACA Publications Subcommittee; honorary secretary of the Computer Society of India, Mumbai Chapter; convener of a special interest group on security; chairman of WIRC of eISA; and convener of the security committee of the IT cell of Indian Merchants’ Chamber. He can be contacted at [email protected] or [email protected].
Enjoying this article? To read the most current ISACA® Journal articles, become a member or subscribe to the Journal.
The ISACA Journal is published by ISACA. Membership in the association, a voluntary organization serving IT governance professionals, entitles one to receive an annual subscription to the ISACA Journal.
Opinions expressed in the ISACA Journal represent the views of the authors and advertisers. They may differ from policies and official statements of ISACA and/or the IT Governance Institute® and their committees, and from opinions endorsed by authors’ employers, or the editors of this Journal. ISACA Journal does not attest to the originality of authors’ content.
© 2011 ISACA. All rights reserved.
Instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. For other copying, reprint or republication, permission must be obtained in writing from the association. Where necessary, permission is granted by the copyright owners for those registered with the Copyright Clearance Center (CCC), 27 Congress St., Salem, MA 01970, to photocopy articles owned by ISACA, for a flat fee of US $2.50 per article plus 25¢ per page. Send payment to the CCC stating the ISSN (1526-7407), date, volume, and first and last page number of each article. Copying for other than personal use or internal reference, or of articles or columns not owned by the association without express permission of the association or the copyright owner is expressly prohibited.