xxxiv Introduction AVIEWS, recounts the history of these two organizations, a story of more than historical interest. In the second section, David Harley takes up the theme of the sometimes stormy relationship between the antivirus industry and its customers, and tries to dispel some common myths. James Wolfe then takes up the baton to consider the roles of the independent researcher, the vendor-employed specialist, and the corporate security specialist. Finally, David Harley looks at security certification in the context of malware research, and he and Ken Bechtel consider whether there is a need for a specialist certification for antimalware administrators. Chapter 2 kicks off with a consideration of the thorny issue of malware nomencla- ture by Ken Bechtel, and then David Harley takes a brief historical look at how we got here, before expanding on some of the (mostly) malware-related problems we face today (rootkits, spam, phishing, muledriving, hoaxes). In Chapter 3, Igor Muttik brings his considerable experience in malware research to bear onto threats and countermeasures in the context of the World Wide Web, while Chapter 4, by Tony Bradley and David Harley, tackles bots and botnets, arguably Public Cyber-Enemy Number One. Chapter 5 takes us into the underworld: David Harley reviews the history of old-school virus writing, while Enrique Gonzales considers some criminal business models. Ken Dunham and Jim Melnick offer a fascinating case study, concerning a Chinese hacking group. Finally, Enrique looks into his crystal ball in the hope of