|
Computer viruses, spyware, worms, rootkits, Trojan Horses and the like, all have one thing in common: they do something to your computer or your sensitive information that you don't want them to do. (Google any of these terms if you want to know more about them).
Some malware is very innocent and benign; others are very destructive. Some will slow your system to a crawl, making it obvious something is wrong. Others lay in the shadows, logging your every keystroke, sending a record of everything you type to servers and other compromised machines. Some malware infection happens immediately, others lay in wait for a specific day or trigger to do their dirty work. Still others have the ability to 'mutate,' or change what they do and how they spread. When it comes to the havoc that malicious code or "malware" creates, Yuck! is an understatement!
There are many ways that a virus will enter your computer:
- By connecting an unpatched operating system to the network - any network;
- By using an unpatched Internet browser and going to a web page with malicious code;
- Through the use of "always open" applications such as instant messaging;
- From a file you downloaded from the Internet;
- From opening an infected e-mail attachment;
- Via a contaminated thumb drive.
Scary, isn't it! By simply connecting your computer to the Internet (or campus network), it is targeted by malicious computers. Please be advised, alerted, forewarned and very, very, strongly cautioned, that plugging an unpatched, unprotected system into the network will increase the probability that your computer will be hit with a virus to 100%! In other words, if you connect an unprotected system to the network it WILL get a virus.
Today's Greatest Virus Threat Comes from Unprotected Computers
SPU is not immune to viruses and other malware transmitted via e-mail and the Internet. If you are bringing a computer to the SPU network, it is imperative that you follow the device health steps outlined on the Connecting Personal Devices page.
The Second Greatest Threat: Ignorance
Many of the current malware exploits seek to get past security technology defenses by fooling users: what is commonly referred to as "Social Engineering." The art so social engineering takes advantage of the inherent trust that we hold for each other, and our desires to be helpful and liked. Social engineers take advantage of our openness and curiosity. And that's where they get us, because no matter how good the technology is, a careless user can easily be led to bypass inherent controls; seduced into executing malicious code, if you will.
Simply put: when you are accessing resources via a network:
- Be cautious and wary, not happy-go-lucky.
- Think before following links or replying to strange requests via email (phishing attacks).
- Don't ever respond to online solicitations for sensitive and private information.
- Know what is meant by a "Security Certificate". (We're not going to explain that here - Google it, it's very important.)
- Keep confidential accounts and passwords confidential - pssst... that's why they are called "Confidential!"
Through a combination of up-to-date technology and sound user-practice, our defenses to prevent malware are formidable. Exercising good judgment in this regard could potentially save you and the University considerable resources and headache!