Computer viruses, spyware, worms, rootkits, Trojan Horses, and other types of malicious infection all have one thing in common: they do something to your computer or your sensitive information that you don't want them to do. The differences between these types of infection are subtle, and they all fall under the larger category of Viruses and Malware.
Different types of malware act in different ways. Some malware will run in the background and slow down a computer system or secretly record a user's actions or data. Other malware may present itself as legitimate antivirus software, while locking down a computer until a "ransom" fee is paid. Still others have the ability to "mutate", or change what they do and how they spread.
How Does One Get Infected?
There are many ways that a virus might enter your computer:
- Connecting to a network with an unpatched operating system (any network);
- Using an unpatched internet browser and going to a web page with malicious code;
- Use of "always open" applications such as instant messaging;
- Downloading/installing files from the internet;
- Opening an infected email attachment;
- Using a contaminated USB drive
Simply connecting a computer to the internet (or campus network) puts it at risk of being targeted by malicious viruses and malware. Please be advised that plugging an unpatched, unprotected system into the network will highly increase the probability that the system will become infected with a virus, putting private information or other computer systems at risk.
SPU is not immune to viruses and other malware transmitted via email and the internet. It is imperative that the System Health Requirements are followed for any personal computers brought to campus and connected to the network.
Many current malware exploits seek to get past security technology defenses by fooling users using a process commonly referred to as Social Engineering. The art of social engineering takes advantage of the inherent trust that humans hold for each other, and the desire to be helpful and liked. Social engineers take advantage of openness and curiosity. No matter how good the technology or strong the security system, a careless user can easily be led to bypass inherent controls or fooled into executing malicious code.
When accessing any resources over the internet:
- Be cautious and wary, not happy-go-lucky;
- Think before following links or replying to strange requests via email;
- Don't ever respond to online solicitations for sensitive and private information;
- Know what is meant by a security certificate;
- Ensure confidential accounts and passwords stay confidential.
Through a combination of up-to-date technology and sound user practice and education, our defenses to prevent malware are formidable. Exercising good judgement in this regard could potentially save you and the University considerable resources and headache!