The most common forms of computer attacks are executed via email, malicious websites, removable media, and social engineering. Although the computer itself is under attack, the primary target is the end user's data. The attacker is attempting to trick the user into performing the actions needed to execute the attack. To protect yourself and your workstation you will want to:
If you have questions or concerns, please contact your local IT staff or the DoIT Help Desk.
If you utilize a personal computer for any work purposes, you need to ensure the security of that device. There are several best practices that you can utilize to secure personal devices:
The biggest security concern with mobile devices is that they are easy to lose or misplace. Additionally, mobile devices face most of the same threats as typical workstations, plus a few unique challenges:
Malware and Spyware: The amount of malware reported for mobile devices is rapidly increasing. There may be an anti-malware app for your phone.
App Permissions: The access that an application, particularly a “free” one, requests could include everything from your contact list to your physical location. This information may be stored or distributed to third parties by the app developer, as well as stolen or intercepted by unauthorized users.
Dialing for Dollars: An attacker sets up a premium text message system. The attacker creates malware to dial that number. The malware is installed as part of a downloadable game. The cell phone then periodically texts the number adding charges to the owner's cellular bill.
QR Codes and Shortened URLS: Short URL or QR Codes do not indicate where the end user is getting directed. They could be sent to a site that attacks the user's device.
Phishing Websites: Phishing websites are not new. Scammers have been targeting mobile devices because it is more difficult to recognize the site. Mobile devices make it difficult recognize the sites without security software.
Drive-by Downloads: This is a real website that an attacker has compromised and installed hidden malware. The malware will download when a user visits the site. This site is difficult to detect without security software.
While the Internet allows us to work from nearly anywhere, it also makes it easier for attackers to listen in on our communications. You should be especially mindful of how you're accessing campus resources from an untrusted network. Fortunately, there are tools and resources available to assist you and protect your devices.
Below are statistics from University of Wisconsin Police Department regarding the reporting and recovery of stolen devices.
|Year||Laptops Stolen||Laptops Recovered||Cells Stolen||Cells Recovered||Tablets Stolen||Tablets Recovered||Desktops Stolen||Desktops Recovered|
According to UW Police "very few desktops stolen, while portable devices and cell phones are way up there. Vast majority of these thefts are opportunistic, where the thief sees an item unattended and unsecured."