Compromised Workstations/Laptops
Is your workstation or laptop running “slow”? Does it take FOREVER for an application to start? Do you come in after being away from your desk to often find that your computer has restarted, displaying some sort of cryptic message about a problem? Your machine may be compromised or infected.
Security incidents come in all varieties. We are constantly under attack through web applications, emails, and infected media (even new ones, fresh out of the package). It’s important that you report any of the symptoms like the ones listed above to your departmental leadership and IT staff or the OIT HelpDesk. It’s especially important if you routinely work with or have access to sensitive information like social security numbers, credit cards, or student information. Federal law may require that the compromised information be reported.
So…you don’t work with sensitive information or have access to any of the above? You should still let your department know about the peculiar behavior or call the OIT HelpDesk for guidance. Remember that we are all at risk when a device or a NetID is compromised.
If it looks like a duck, walks like a duck, and sounds like a duck, it might be a compromised machine.
What do you do? Let someone know! Don’t turn your computer off (if you can avoid it) unless you are instructed to do so by your manager, OIT, or your departmental IT staff. You can and should go ahead and unplug its ethernet cable or shut down its wireless connection. Departmental IT: Don’t just “slick” the drive and rebuild the machine. Crucial information about the compromise could be lost. Don’t rebuild a machine until you’re instructed to do so.
For guidance, call the OIT HelpDesk at 865-974-9900.