imageConsider the following; “Installing and running anti-virus software on all of your devices is an OSU requirement.”

True or False?

It is true; anti-virus software is a requirement while you are at the university as it is part of the “Acceptable Use of University Computing Resources” agreement, which you should read because by being at OSU you have implicitly accepted that agreement.

I am not saying that you have to buy anti-virus software, because OSU Information Services and Dr. Tech have got your back on this; go to

>oregonstate.edu/helpdocs >Software >Recommended Software

You will there find pages which explain how to configure Windows Defender or install ClamXav for Mac OS X; neither program will cost you money.

The resources referred to in this article with annotations and more are available at Dr. Tech’s Bookmarks.

They are “recommended” in the sense that these are OSU’s supported anti-virus solutions.

You can use other solutions (i.e. Symantec, McAfee) but you are required to have anti-virus protection on each device.

This protection is required at OSU because your devices share common networks with tens of thousands of others.

An unprotected device is a threat to everyone.

Consider the taxonomy of software called “malware,” which is code used to replicate itself, disrupt computer processes, gather information illicitly, or gain unauthorized access to a computer.

McAfee Labs collects malware and produces anti-virus software.

In “The State of Malware 2013" McAfee reports cataloging over 100,000 new malware samples every day.

That rate is increasing and the malware is growing in sophistication.

To put this into context, as McAfee Labs states; “Malware infiltration and data exfiltration almost always occurs over a network.”

That means that whenever your devices are on the OSU wireless or wired networks, they are exposed to malware.

It does not make me feel better to know that my own government is creating and spreading malware.

Malware infiltration is the infection of a computing device by a malicious program; data exfiltration is the unauthorized transfer of data from a computing device.

I hear someone asking; “Sure, but how bad can that be? It’s just a program.”

imageConsider some of the major types of malware and what they do.

Virus: this type of program replicates and spreads by inserting copies of itself into programs, data files, email, web pages, etc. Successful viruses can do many evil things from stealing and corrupting your data to wrecking your computer.

Worm: these replicate themselves in order to spread to other computers, but unlike a virus do not attach to another program. Like a virus they are evil.

Trojan horse: they don’t replicate but covertly invade a computer in order to execute commands or steal passwords. They sneak through protections by hiding within legitimate programs, like the Greeks did at Troy (read The Iliad).

Ransomware: invades your device in order to ruin your day by encrypting files or blocking programs, then it demands payment from you in order to be removed.

Spyware: these stealth programs sneak into your devices and quietly steal your data, passwords, and credit card numbers to send to their malefic masters.

Adware: invades a computer, often to hijack the web browsers, in order to force the display of unwanted advertisements and search engines. Does this malvertising actually work as a marketing strategy?

Rogueware: these horrors impersonate an anti-virus solution which warns you that your device is infected. If you fall for it and install the lying rogueware, your device will now be infected.

Scareware: a variation of rogueware that plays on all kinds of fears from internet security to social reputation. Everyone has a secret fear (read 1984 by George Orwell) and for each there is a scareware eager to strike terror into your heart.

PUP: a “Potentially Unwanted Program” that may not be directly malicious though they surreptitiously take over functions of programs that you have chosen to use and use up resources slowing down your device.

You have probably seen PUPs in the form of weather apps, search bars, shopping tools, browser redirects that you did not consciously choose to install.

I call PUPs ‘predictably unwelcome parasites.’

That’s just the short list, but isn’t it reason enough to implement anti-virus protection now?

Even better, add malware protection to your computer.

OSU recommends MalWareBytes and SUPERAntiSpyware and has links to them at the above referenced web pages.

Both programs have free and premium versions.

With them you run scans for malware. When they find malware code it is put into a delete folder that is quarantined from the rest of the computer. You can review those programs and choose to keep or delete them.

These anti-malware tools can be set to run scheduled scans and the premium versions provide real-time protection.

While writing this I ran a scan of my desktop from MalwareBytes. It found eight Trojans and ninety four PUPs on my computer.

My last act in writing this article will be to select “delete all” (heh heh).

I strongly recommend that you visit the IS helpdocs, install anti-virus software and malware protection software and use them regularly.

In good spirit,

Dr. Tech

 

Acknowledgements: Creative Commons Licensed images

http://pixabay.com/en/malware-virus-hacker-trojan-297722

http://www.cyberlawcentre.org/unlocking-ip/blog/2007_02_01_archive.html

Advertisements