The problem of counteracting malicious programs and spam distribution is rather serious and pressing Malicious programs and spam cause tangible damage to infocommunication systems owned by governmental and non-governmental organizations as well as private persons. At the same time, it should be noted that depending on the specifics of a particular infocommunication system and the value of the resources protected, the counter measures can be more or less strict, but in any case, it is necessary to escape redundant radicalism.
In the context of organizational and legal activities it is necessary to elaborate regulations aimed at protecting governmental, non-governmental, and private infocommunication systems. It is proposed that working group be created under the aegis of ADT to carry out and coordinate further activity regarding the preparation of draft documents in this area. The tasks of this group can be as follows:
the development of sets of equipment profiles to protect information resources against malicious programs;
the development of measures contributing to the effective use of current regulations;
the development of requirements for a base level of information security support for telecommunication operators, including conducting the necessary research to counteract malicious programs and spam;
the development of proposals on the responsibility of information exchange participants for violations of the security policy requirements;
the development of guidelines for organizations and individual users on counteracting malicious programs and spam distribution;
the development of drafts of regulations governing the use of the Internet resources by governmental agencies;
the elaboration of proposals on the creation of a rapid system to notify governmental, non-governmental organizations and individual users of the appearance of threats to information security.
In the context of technical activity, it appears advisable to establish a continuously operating working group for the discussion and elaboration of agreed technical proposals (recommendations, standards) in the field of counteracting malicious programs and the distribution of spam which will be based on the working group which prepared this document.
In the context of educational activity, it is necessary to organize the notification of users of legal means, and technical and organizational resources to combat malicious programs and spam. It should be expedient for this purpose to use the information resources of the Internet, mass media, and other information channels.
In particular, in the framework of educational activity it is necessary to provide:
the preparation of instructions, educational literature, guidelines and manuals, as well as Internet reference resources, with recommendations on information protection for managers at different levels, administrators of information systems, office and home computer users, instructors in the corresponding disciplines at higher and special secondary educational institutions;
the development of educational programs and training materials for studies at higher and special secondary educational institutions and at refresher cources, as well as the organization of such studies;
support of the continuously operating forums activity on the exchange of experience in copunteracting computer security threats.