April 9, 2009
Written by Joanne Jennings
It happens in a blink of an eye–if you click on a link, attachment, or file that downloads an exploit–your computer is infected! Some signs that a computer is infected include a browser home page that you did not select, sudden slowness, unexplained hard drive activity, or the inability of your computer to access the network. If you notice any of these symptoms, contact OET immediately, and disconnect your computer from the network by unplugging the Ethernet cable or disabling the wireless adapter.
To get your computer back on track, OET will run antivirus and anti-malware software to determine if an infection exists. We also will search the hard drive for personal nonpublic information (PNPI). If no PNPI exists, we will either clean your hard drive or, more likely, reformat it. If we reformat your drive, we will back up your files, wipe you current hard drive of all information, and restore your applications and files. This procedure usually takes a day or less. If PNPI exists on the hard drive, we will contact IT to determine if any further action is necessary. During this more extensive investigation by IT, expect not to be able to access your computer for several days.
To insure that your computer is exploit-free and always up and running, keep virus protection up to date, apply operating system and application updates, avoid clicking on links or attachments that you were not expecting to receive, and follow IT’s guidelines for storing PNPI.
March 23, 2009
Written by George Mulford
CHEP policy, simply stated, is that every administrative computer, including those used by faculty, should be reformatted before being turned over to the next user. The purpose is not only to make sure no sensitive records are being retained without the next user’s knowledge, but also to make sure no malicious software survives the transfer. A side benefit not to be lightly dismissed is that the computer will be faster after a reformat and the operating system and all the standard applications will be up to date, and so more secure.
The wisdom of this approach has been born out by two recent malware cases (yes, in CHEP!) that could have been prevented by timely reformatting. The damage unwanted programs can do by compromising sensitive information, launching attacks on other computers, overwhelming network resources, and of course making the infected computer nearly unusable, is hard to overestimate.
Some of our clients nevertheless fail to report that a computer is changing hands; some report it but ask us to skip the routine reformat, either to save time, or because there’s something on the hard drive they think they might need, or because there are applications on the computer they aren’t sure how to replace. None of these is an adequate reason to forgo a precaution as sensible as keeping school kids from sharing hats. You really don’t want to live through a cootie outbreak!
Write oet-help and we promise we will work with you to minimize the impact of this necessary intervention. Please, please, don’t let a computer go uninspected through two or three years of revolving-door users. It’s those computers that are generally the scariest to examine closely. Call them in! We’ll clean them up.
February 20, 2009
Written by Joel Pease
Adobe announced today that there is a problem with all versions of their Acrobat and Reader programs that could compromise your system. Unfortunately, there will not be a fix available for the software until March 11th. Since the only way to be affected by this bug is to open a PDF file that is designed to exploit it, our advice to users of Adobe software is to be very careful only to open PDFs that were created by people and organizations that they know and trust. We also advise everyone to make sure that they are running the most current version of McAfee.
January 28, 2009
Written by George Mulford
Remember how, when we used floppies, they were the primary way viruses spread from computer to computer? As you’d expect, now that thumb drives (or USB flash drives, to be formal) are everywhere, viruses are using them to spread themselves. There have been reports of a rapidly-spreading but relatively harmless one on the UD campus; but in the wider world, the Conficker or Downadup worm has been reported to spread this way (as well as directly over the Internet to computers whose patches aren’t up to date).
OET recommends that you download and install a little utility called iKill that will warn you when a flash drive is attempting to install a program on your computer. You can get it from the CNET download site, http://www.download.com/iKill/3000-2239_4-10843779.html
January 21, 2009
Written by George Mulford
The latest fashion in software that will infect your computer is a notice that your computer is already infected and that you need to download antivirus or anti-malware software to clean the infection. One particularly virulent attack calls itself WinAntivirus 2009 and sports the official Microsoft Security Center logo. It pops up full-screen, and the ONLY way to protect yourself from infection is to turn your computer off immediately, since any click anywhere on the screen will download the attacking software. Call OET (8162) and don’t turn the computer on till we get there!
These programs are not just an annoyance: many of them will bury themselves deep in your operating system, steal personal information like passwords, and beam the information back to a central collecting point. Almost all of them will use your computer as a launching pad to attack other networked computers. As always, the best advice is to think twice before you go to a website that looks at all suspicious, and NEVER click on a link in an e-mail unless you’re sure it’s taking you somewhere safe.
George Mulford
