This content is viewable by Everyone
Reduce Malware Risk
Author: Esther Silver
The link to the IT Security Awareness Quiz is at the end of the article. Everyone who takes the quiz is entered in a drawing for one of six $50 Amazon Gift Cards!
Is your computer running slowly? Are programs opening and closing automatically? Are you seeing pop-ups, suspicious websites, or other unwanted programs? These are a just a few symptoms of malware.
Malware is a general term used to describe any type of malicious software program, including viruses, worms, spyware, adware, ransomware, and scareware. Malware presents a direct threat to devices and data and can be used to delete, damage, or steal data. It can also create backdoors into our secure environments, potentially leading to security breaches and large punitive fines, all of which can impact UCSF patient care, research, and education and make critical systems unavailable.
According to Wired magazine, this past year has been an especially bad period for malware threats due to COVID-19:
"The pandemic also created unprecedented conditions in cyberspace, reshaping networks by pushing people to work from home en masse, creating a scramble to access vaccine research by any means, generating new fodder for criminals to launch extortion attempts and scams, and producing novel opportunities for nation-state espionage. "
The past year has also seen an enormous increase in the frequency and severity of ransomware attacks and, as many of you have likely read in the news, the healthcare industry has been particularly hard-hit.
People most often become victims of malware by doing one of the following:
- Opening infected email attachments, usually from messages they were not expecting
- Installing non-reputable applications without anti-virus software installed
- Downloading pirated software, music, or videos
- Sharing files and applications with strangers
- Visiting sites infected with malware
- Not patching their operating system and/or applications
- Clicking on ads
What can you do to prevent becoming infected with malware?
- Follow the required UCSF Minimum Security Standards and install our anti-malware solution, Symantec Endpoint Protection (SEP). ITFS-managed computers automatically have SEP installed and are kept up-to-date to the latest version. If you are using a non-ITFS managed Macintosh or Windows computer, you must install SEP as well as the other mandatory security software. They are free and you can download them from Software @ UCSF. Once installed, make sure you keep all UCSF security software up to date by periodically checking the UCSF Software Download site.
- Install BigFix from the software site mentioned above. It is our endpoint management agent which assists with patching and automatic entry into our CMDB (asset inventory). This allows you to be associated with your device in the event of an incident, which allows for a more direct and rapid response if detection of a security event occurs.
- Don't open email attachments that you are not expecting.
- Don't install programs from unverified locations.
- Don't download or install pirated software.
- Properly backup your data. Backup service (CrashPlan Pro) is offered at no additional charge to all ITFS-managed Windows and Macintosh computers as part of the ITFS Basic Support, and to UCSF Medical Center managed laptops. If you manage data that is not on your computer, consider using the Backup Services provided the IT Service Desk
What should you do if you think your computer is infected?
Contact the IT Service Desk or call 415-514-4100
Take the quiz on Reducing Malware Risk. The prize for passing the quiz is one entry in a drawing for one of six $50 Amazon gift cards.
UCSF Minimum Security Standards for Electronic Information Resources
Ransomware Rising: Putting Our Files at Risk
UC’s Important Security Controls for Everyone and All Devices
How Do I Protect My Computer from Ransomware