
Question: Define how to mitigate / reduce the risk of them.

Answer:

Mitigating Viruses and Trojan Horses

Virus and Trojan horse attacks can be kept under control by the following few steps, which should ensure that attacks are kept at the minimum threat level, even if not totally eliminated:

The primary means of mitigating virus and Trojan horse attacks is antivirus software. However, antivirus software must be used properly and updated regularly.

For total protection, host-based intrusion prevention systems (HIPS), such as Cisco Security Agent, should also be deployed. HIPS protects the OS kernel.

Knowledge is power, and this applies to security administrators as well. They should strive to keep themselves up to date on the latest threats, attack methods and principles being deployed by hackers. With such knowledge, they can prevent a possible catastrophic situation from emerging.

Mitigating Worms

Because of the specific nature of worm attacks and their methods of self-propagation, mitigating them requires significantly more intelligent effort. Normally the process of mitigation can be divided into the following steps.

Four Steps to Worm Mitigation

Containment: This step involves compartmentalization of the network into infected and not infected parts. This helps to contain the spread of the worm attack.
Inoculation: This step involves scanning and patching of the vulnerable systems.
Quarantine: In this step the infected machine is detected, disconnected and removed. If removal is not possible, the infected machines are blocked.
Treat: This is the step where cleaning up and patching is done. Some worms may need reinstalling of the entire system for a thorough cleanup.

Types of Trojan Horses

Remote-access Trojan Horse: Enables unauthorized remote access
Data sending Trojan Horse: Provides the attacker with sensitive data such as passwords
Destructive Trojan Horse: Corrupts or deletes files
Proxy Trojan Horse: User's computer functions as a proxy server
FTP Trojan Horse (opens port 21)
Security software disabler Trojan Horse (stops anti-virus programs or firewalls from functioning)

5 Phases of a Virus/Worm Attack

Probe phase: Vulnerable targets are identified using ping scans.
Penetrate phase: Exploit code is transferred to the vulnerable target.
Persist phase: After the attack is successfully launched in the memory, the code tries to persist on the target system.
Propagate phase: The attacker attempts to extend the attack to other targets by looking for vulnerable neighboring machines.
Paralyze phase: Actual damage is done to the system.
