Western Illinois University: Macomb Campus

• Future Students
• International Students
• Parents & Family
• Online Learning
• Social Networking

• Web Tools
• • STARS
  • WIUP
  • WesternOnline
  • E-Mail / Guava
  • Course Offerings
  • my.WIU Portal
  • Western's Knowledgebase
  • Directories
  • Weather
  • A-Z Index

WIU.edu

People

Explore WIU Apply Now

USB Malware Proliferating

Discussions of data security in recent months have been dominated by the widespread security threats caused by infected USB devices. Research reveals just how widespread these threats are.

• One out of every eight malware attacks involves an infected USB device, according to a recent report by security firm Avast Software.
• The attacks often exploit the Windows AutoRun feature, which automatically runs executable files.
• The malware can then copy itself onto the machine and replicate itself every time the computer starts.

Just prior to the holiday break the University experienced a wide spread infection of 700+ university computers spread primarily via infected USB drives. The bulk of the infections (approximately 400 computers) involved public computers such as in labs, CRCs, and the library.

What’s the solution?

To keep USB malware off of our network, experts recommend:

• Disabling auto-play for USB drives
• Enabling “on-access auto-scans” in your antivirus program to scan a file before it is used
• Keeping your computer updated with the latest Operating System security patches
• Keeping your computer updated with the latest security patches for third party applications such as Microsoft Office, Java, Adobe Acrobat reader and Flash.
• Disabling USB ports for users who don’t need them
• Removing or limiting administrative rights for computers to reduce the likelihood of infection

While the University has implemented many of these best practices (except for things like disabling USB ports) we need your assistance to minimize a reoccurrence of this or similar malware incidents by:

• Patching your 3rd party applications
• Getting your USB drive scanned and cleaned at any number of cleaning stations spread through campus
• Not starting your computer with a USB device attached as this can result in malware being loaded ahead of some antivirus startups.
• Not taking USB drives suspected to be infected from computer to computer and thereby aggravating the situation.

Finally a quick reminder about data

A reminder to delete temporary internet files and empty your computer’s Recycle Bin on a regular basis as we continue to find sensitive data in these areas.

 

Regards,

Michael Rodriguez, Chief Technology Security Officer, Western Illinois University
Email: ma-rodriguez@wiu.edu
Awareness: http://www.wiu.edu/Awareness/technology

“Those that fail to learn from history are doomed to repeat it” - Winston Churchill