UC San Diego SearchMenu

More Information About Viruses and Hackers

Often times computers that are connected to a college network begin experiencing problems as a result of viruses or malware that have been downloaded onto the host system. These problems can be so small that they cause only minor difficulties in accessing certain files and changing settings, or so damaging that they can essentially destroy your system.

What exactly are these things that I need to avoid?

Malware

Short for "malicious software," malware is any software that is intended to damage, disable, or do other unwanted actions on computers and computer systems. Common types of malware include viruses, worms, trojans, and spyware.

Virus

A virus is a computer program written to maliciously affect the way a computer operates, with or without the knowledge or permission of the user, by loading itself onto a system file. A virus is capable of reproducing itself once it's on a system to prevent other programs from working. Viruses can interrupt the execution of programs, delete files, or destroy the contents of your hard drive. Some aren't designed to do any damage at all but simply annoy - bringing up text, video, and audio messages. They typically take up memory that could be used for other programs. This can cause your computer to become unstable and function erratically. Eventually, many viruses may cause your system to crash.

Adware

Adware is any software package which automatically plays, displays, or downloads advertisements to your computer. These can be in the form of pop-ups or toolbars that sit on your desktop or work in conjunction with your web browser. While adware alone is harmless, some adware may come with integrated spyware and other privacy-invasive software.

Spyware

Spyware is software that self-installs on a computer, enabling information to be gathered about your internet use, passwords, credit card information etc. without your knowledge and distributed for malicious use.  

Trojan

A trojan is a program that appears to be legitimate, but performs some illicit activity when it is run. It may be used to locate password information, make the system more vulnerable, or simply destroy programs or data. 

Worm

Worms are quite similar to viruses in that they are usually spread with the transfer of an infected file. Worms usually try to spread itself and infect as many computers as quickly as possible. Worms can take up both memory and network bandwidth and often times destroy files.

Rootkit

A rootkit is a software that enables continued administrative access to a computer, while actively hiding its presence from administrators by hiding in the master boot record. This means executing files, accessing logs, monitoring user activity, and even changing the computer's configuration. 

Bot

A bot that has infected a machine typically sits quietly as a background program and listens for instructions. An entire network of machines infected with a particular bot is called a botnet, and the individual computers are often calledzombies. Bots generally do not do much on a computer, until the owner of the botnet sends out instructions to the infected machines. The zombie machines might be used to send out email spam messages or other malicious and illegal activities, such as hacking into a server with sensitive information or bringing down a web server. 

Why is Computer Security so important?

Malicious computer hackers, data-destroying viruses, and email spam are only a few of the many possible threats to your personal security. Without being properly protected, hackers can gain access to virtually any file or information stored on your computer through malicious programs. You could potentially lose all of your data or become unable to use it. It is easy to prevent malware infections and surf the internet without feeling insecure by simply taking a few precautionary measures listed below, and using your best judgment. 

But how often does it actually happen?

More than you would think! We remove malware from more than 450 machines, on average, during Fall quarter. Many of these machines come to ResNet because Network Security blocked their internet connection on campus in order to protect the user as well as the network from malware/hackers. Malware also spreads through peer-to-peer programs (e.g., uTorrent, Vuze). Just to give you a gauge of how often this happens, 3 MIT researchers conducted a study in 2006 and found that 15% of files downloaded from peer-to-peer networks were infected by 52 different viruses. This is only one of the many ways your computer can get infected with malware. 

Hey no worries, I've got a Mac.

Although most malware are targeted to injure systems using Windows, Macintosh computers can still be susceptible. In the past, trojans have broken the internet connection of Mac users. Also, you can spread infected files to your friends who have Windows through email attachments or file transfers without knowing it.

What does it mean if my machine has been 'hacked' into?

If your computer has been 'hacked' into, someone has gained access to your computer, usually remotely, without your permission and/or knowledge. This means that any private information you have can be shared or stolen through the network connection. Hackers can also perform illegal activities through your computer (leaving you responsible) and/or cause you to lose your data and programs.

How did I get infected with a malware or get hacked?

Computers that are the most susceptible to being hacked are those who do not meet minimum security standards (see Update and Secure Your Computer). Malware can be unintentionally downloaded from other programs, files, or email attachments. Others can also access your computer through security holes in the operating system you are running, so make sure you get all applicable security patches from the manufacturer's website or by running software updates regularly.

What are some signs that my computer may be infected or hacked into?

  • If you see pop-ups that run automatic scans and says that your computer is infected with a ridiculous amount of viruses, this is a sign you may have a fake antivirus program
  • If your screen turns black and all of your start menu items and desktop icons disappear.
  • If you start up your computer and see random 'black screens' (command prompts) pop up and close.
  • If your computer is running unusually slowly. This could mean that your computer is running programs in the background that you don't know about.
  • If you are getting a lot of emails returned with virus warnings.
  • If you see your computer icons running away from you as you try to click on them, or if your computer decides to 'chat' with you.
  • If you see black console screens open and close when you boot up your computer.

How to secure your computer from malware and hackers:

The only method that is 100% sure is isolating the computer from all other computers and the internet. Obviously, this is not a realistic option, so you must take as many reasonable precautions that you can. To ensure that you have the minimum security standards, you should have:

  • A secure password to your computer
  • Your firewall turned on
  • Automatic updates turned on
  • A reliable Antivirus program (we recommend Microsoft Security Essentials)

For more information on securing your computer, please visit our Secure Your Computer page.

What to do if you think your machine has been infected or hacked:

  • Disconnect your machine from the network it is connected to until you find out more about the malware you have. This will protect your computer from getting more malware and keep your it from infecting other computers.
  • From another computer, go here for step-by-step instructions for cleaning and securing your computer.
  • Call ResNet at (858) 534-2267 or stop by the ACMS Help Desk and check your computer in.

What's the worst thing I can do if I do have malware?

Ignore it. Ignoring the problem will not make it go away. In fact, it will help spread the virus to other places on the internet (i.e. your friends and family). If you suspect that your computer has become infected with malware, please visit our Scan and Secure page for Windows machines, or you can contact our Help Desk and bring your computer to our office, where one of our staff members will help you remove the malware.

ResNet

Telephone: (858) 534-2267
E-mail: resnet@ucsd.edu
Location: Applied Physics and Mathematics 1313
More...