Malware Protection
Malware is software designed to damage or disable computers and computer systems.
Signs You May Have Malware
If your computer has malware, it may:
- Become unexpectedly and increasingly slow
- Take longer to load applications
- Get stuck on applications or web pages
- Shut down unexpectedly
- Display error messages continuously
- Display a lot of ads while you browse the internet
- Not open your task manager or activity manager
- Not allow programs to uninstall
- Keep opening and closing your Floppy/CD/DVD/Blu-ray drive when you are not using it
- Show new and unexpected toolbars or icons in your browser or on your desktop
- Use a new default search engine, or display new tabs or websites you didn’t open
Types of Malware
Adware
Adware is essentially abusive advertising. This includes pop-up ads and "bundled" software such as browser toolbars. Some adware is innocuous advertising, but other instances of adware can potentially damage your computer or steal your information. It is never a good idea to knowingly install or click on adware. When downloading software, be sure it is not also asking permission to download additional software on top of the desired product. When browsing, be sure to use pop-up blockers or script blockers.
Ransomware
Ransomware encrypts a computer's data so that it is inaccessible without a password. The ransomware distributor will then demand a certain amount of money, sent through an anonymous method like bitcoin, in order to decrypt the computer. There is sometimes a time limitation for payment. After this time limit, the computer's files will be deleted. The best way to recover from ransomware is to recover your data from a backup.
Rootkit
Rootkits allow access to sensitive files that usually are not modified by computer users - at least not directly. Rootkits can include viruses, worms, and Trojan horses. These programs will modify the computer, steal personal information, execute malicious files, and potentially create bots. Rootkits, unlike adware and ransomware, will typically attempt to stay hidden from the user.
Spyware
Spyware will record activity on your computer and transmit the data elsewhere. This includes login information, browser history, and potentially other information. Spyware will try to remain hidden so that it won't be removed. It can also modify security and network settings.
Trojan Horse
A Trojan Horse will trick a user into downloading malicious software. These programs will pretend to be something else that you are trying to download, but instead will give someone else access to your computer to steal information and install additional malware.
Virus
Viruses are malicious programs that will attempt to spread from machine to machine. They can attach themselves to files and programs shared between computers in order to infect as many machines as possible.
Worm
Worms are spread through networks, finding security vulnerabilities in programs and operating systems to infect machines. They can damage your computer, steal or delete information, and install bots.
Best Practices
- Update software. Cyber criminals target older versions of software when they create malware. Keep your software updated, as updates will address security flaws and stability and usability issues. Install the latest security features.
- Use anti-virus and anti-malware software. For University-owned devices, please enroll your machines in Microsoft Defender Security Center for Windows devices and JAMF for macOS. Please submit a ServiceNow ticket for technical help. For non-SDSU devices, Immunet is recommended for Windows, and Sophos or Avast are recommended anti-virus software for Mac OS X.
- Use browser extensions. Browser extensions help with protecting your privacy. Extensions can help block you from malicious ads and malware, inform you about a website, block scripts, and enforce SSL.
- Encrypted browsing. Only send personal information to websites you know are fully encrypted (the "https:" before the webpage's URL address).
- Enable firewall. Make sure that Windows Firewall is enabled to block viruses, worms, and hackers.
- Use multi-factor authentication. Use Duo multi-factor authentication so that even if your password is stolen from public Wi-Fi, a second factor is needed.
- Onboard devices. SDSU-owned devices must be onboarded on one of the endpoint platforms.
- Open email attachments with caution. Be wary of opening email attachments, even from senders you think you know, particularly when attachments are compressed files or ZIP files.
- Verify email senders. If you are unsure whether or not an email is legitimate, try to verify the email’s legitimacy by contacting the sender directly.
- Inform yourself. Keep yourself informed about recent cybersecurity threats and up to date on ransomware techniques. You can find information about known phishing attacks here:
Get Help
To request a service, create a ServiceNow Ticket and assign the ticket to “IT-ITSO-Help Desk”.
https://it.sdsu.edu/get-help
Report an Incident
Please contact the Information Security team immediately if you experience or are aware of any of the following: