Introduction

Malware is all over the Internet, in many different forms that will attack you in various ways. Malware (malicious-software) is dangerous code that attackers attempt to run on your computer. The different forms of malware span from downloaded executable files, to certain webpages, and even malicious Office documents. While it is easy to become infected with malware, there are several simple steps that you can take to stay safe.

Take Action to Prevent Malware

Please review the following tips for keeping your devices malware free.

  1. Keep your devices up to date. Product vulnerabilities are frequently uncovered by researchers and attackers. Patches that protect devices from these vulnerabilities are released in updates by the product vendor. Making sure that your software has been updated to the latest version, you can ensure that you have the latest security patches, and that an attacker will not be able to exploit a known vulnerability on your device. Additionally, you should make sure to enable automatic-updates on all of your devices and application stores, as well as frequently checking for updates to software that you use. 
  2. Be mindful of downloads and email attachments. A common vector of attack is by automatically downloading executable files onto a user’s computer, or by tricking them into opening a malicious email attachment. If you were not expecting to get a file or you do not trust its source, delete the file immediately. If your operating system provides a default application store, try to download most of your software from there to avoid accidentally running malicious code that you found on the Internet. If you do need to download software from the Internet, make sure that you are getting it from the organization’s official website.
  3. Anti-malware software is a solid last-line of defense. Anti-malware (or antivirus) software can scan your computer and detect any malware or dangerous files that are already present. Because analysts need to find and study new malware before the scanner can be trained to detect it, anti-malware scanners will not be able to immediately detect new and unique malware. Most anti-malware software will allow you to run an on-demand scan that looks at all of the files on your computer. After it finds a file that has malicious “signatures”, the scanner will prompt you to delete (or quarantine) the infected file. You should make sure that you run an anti-malware scan on your computer at least once a week. There are also paid versions which can be set to automatically run system-wide scans, and will constantly run in the background monitoring any new files or programs. 
  4. Know the indicators of compromise on your computer. By knowing some of the changes that may occur on your computer if it becomes infected, you can respond faster if an infection should occur. Some of the potential symptoms of a malware infection include but are not limited to :
    • altered settings on your computer
    • new, changed, or missing files
    • a sudden drop in performance or responsiveness from your computer
    • an abundance of advertisements
  5. Backup your devices and important files. This is great advice in general, however some malware is also known to destroy valuable data. WPI offers a backup solution through OneDrive. By backing up your important files, you will be able to quickly remediate from a potentially devastating infection.    

Helpful Definitions

  • Malware:  An umbrella term used to refer to a wide range of viruses, worms, Trojans, and other programs that a hacker can use to damage, steal from, or take control of endpoints and servers. Most malware is installed without the infected person ever realizing it.
  • Malicious Script: A script, or more specifically "malicious script," is the term we used to describe software that is written to intentionally cause harm to a computer system or its owner. It may be used to breach computer security.
  • Attack Surface: The “attack surface” is all the points where an attacker can try to penetrate the computer or the network.