If you believe a breach of MIT Information may have occurred, immediately report the incident by sending email to email@example.com. You should avoid trying to address situations on your own, as they may corrupt forensic information necessary to determine the scope of the issue and the risks to MIT.
Here are some signs to look for that might indicate that your computer has been attacked and contains malware:
- Exceptionally slow, unable to connect to network services, or simply non-functional. These symptoms may be indicative of a "denial-of-service" attack (an attack aimed at preventing you from using a certain resource.) However, from time to time MITnet is down or exceptionally slow. If you find that you are unable to connect, first check to see if other people are having the same problem. If it is isolated to your system, and you have not received an email notifying you that your drop has been turned off, then the problem may indeed be the result of a malicious hacker.
- Unexplained disk activity. Be aware that some systems do disk-related cleanup while the system is idle, so this may be merely system "housekeeping."
- Unusual log entries such as login failures, user additions/ deletions, or network connections to unfamiliar services.
- System appears to be less responsive than expected. For example, computer stops responding (freezes) more frequently, computer takes longer to start up.
- Your anti-virus software has triggered an alert that your computer is infected, particularly if it says that it was unable to remove or quarantine the affected files.
- Unusual browser activity, including:
- The browser closes unexpectedly or stops responding
- The browser home page has unexpectedly changed or is taking you to sites you did not want to go
- Additional toolbars are added to the browser
- Web pages are automatically added to list of favorites
- You may not be able to reset browser settings or preferences
- Performing a search from a search page provides results on unrelated or unwanted sites or display Web site advertisements.
- Clicking a link does nothing or goes to a unrelated Web site.
- There are new accounts on your computer you did not create, there are new programs you did not install, or a program is asking your authorization to make changes on your system although you're not actively installing or updating any applications.
- Your firewall alerts you that a program you do not recognize is requesting permission to access the Internet.
- Pop-up advertising windows appear when the browser is not open or over Web pages that do not normally have pop-ups.
- Desktop icons are automatically added to the desktop.
- When you start your computer, or when your computer has been idle for many minutes, your Internet browser opens to display Web site advertisements.
- You cannot start a program.
- Components of Windows or other programs no longer work.
|If you believe you have malware on your computer, read the article: How do I remove malware and recover from a system compromise?|