Go to USC home page USC Logo University Technology Services
RSS Feed Twitter Facebook
Office Hours:
M-F 8:30am – 5:00pm

Service Desk Hours:
M-F 8:00am – 6:00pm

iCARE Center Hours:
M-F 9:00am - 5:00pm

1244 Blossom St.
(803) 777-1800
servicedesk@sc.edu






Information Technology Security

Threats

In IT Security, the word threat means anyone or anything that poses a danger to computing resources, or to computer users, or to their important data.

University policy forbids anyone to ask you for your password, and forbids you to share your password with anyone. When an account is detected sending spam, the University does not attempt any contact via that account, but blocks it immediately, as it is presumed to be under control of a spammer.

Current Threats

  • Individuals Encouraged to Disable Java Software

    Hackers have found a flaw in Java 7 coding that could potentially allow malicious software to be installed on computers, thus increasing the chance of identity theft or the disabling of entire networks.

    Beginning immediately, Java should be disabled and/or uninstalled from any system where it is not necessary to complete official university business. If Java cannot be disabled and/or uninstalled, University Technology Services (UTS) IT Security Office recommends installing the latest version of Java, which contains a patch to help reduce the risk of hacking.  NOTE: It is still unclear if the latest version of Java fixes the latest critical security issues. As a result, disabling or uninstalling Java is preferred to updating.

    All students, as well as faculty and staff members who do not have a Desktop SLA with University Technology Services (UTS), should follow these directions on how to disable Java: http://www.java.com/en/download/help/disable_browser.xml

    UTS will automatically patch computers supported by a Desktop SLA. No action is required for individuals who fall under this category.

    If you use more than one browser, it is possible to set-up configurations so Java is only enabled on one. The browser that has Java enabled should only be used when necessary. Instructions can be found here: http://superuser.com/questions/45911/java-different-versions-for-ie-firefox.

    If individuals are unable to perform any of the above recommendations, web browsing should only be related to official university work until the newly released patch in installed. By limiting the amount of web browsing, the risk of vulnerability can be significantly reduced.

    Java is used on millions of Windows, Mac, and Linux machines in addition to mobile devices around the world to access interactive content or web applications and services.

    If you are not sure if you have Java already installed on your computer, visit the Java website. Be sure to only check if you have Java installed; do not actually install it. The Java website can be found at: http://www.java.com/en/download/installed.jsp.

    Click here for instructions on how to secure your home PC or click here for instructions on how to secure your home Mac

    If you have any questions, please contact the UTS Service Desk at (803) 777-1800, Monday - Friday, 8 a.m. to 6 p.m. or email servicedesk@sc.edu

  • Phishing: In response to the increase in phishing attacks, USC has begun to implement several measures intended to reduce the number of e-mail accounts compromised by phishing. For more information, see the USC Phishing Response web page.

Common Threats

  • Bot: A type of malicious software program that permits a computer criminal to have remote control of a computer (a "back door"). Once in control of the robot computer, the criminal can use it for email spam distribution, Internet attacks, or to steal information from the computer.
  • Malware: Any type of program that is created with the intent to cause damage, steal data, or abuse computer system resources.
  • Phishing: Any email or communication intended to trick the recipient into disclosing secret or sensitive information, such as passwords, Social Security numbers, user names, or bank account numbers. Frequently, the message pretends to be from a known institution, such as a bank or company IT department. These communications will often ask the recipient to reply to the email with their personal information. If the user replies, the criminal can then use their information for identity theft: accessing computer networks, bank accounts, and other personal information.

    Click here for more information about phishing.


    Phishing Examples:

    • phishingex

  • Social Engineering: Any psychological technique used by computer criminals to manipulate people into doing something they would not ordinarily do.
  • Spear-Phishing: A phishing attempt targeted to a small group of people
  • Trojan Horse: A type of malware that spreads to computers by posing as a desirable program or data file. End users may download the program thinking it will do a particular task. But once loaded, the Trojan Horse will perform malicious activities on the computer, such as stealing user information. trojanex

  • Virus: Commonly used to mean "any bad software." Technically, a virus only refers to atype of malware that spreads by attaching itself to other programs. Viruses can replicate themselves on your system, pass themselves on to other computers, and cause operational slow-downs and even damage to the computer operating system.
  • Worm: A type of malware that spreads by copying itself onto other computers, disks, or memory cards.
Back to Top
 
Safety/Emergency Information Directory: Find People                   Map: Find Places                   Calendar: Find Events                   VIP Contact and Site Information
Columbia, SC 29208 • 803-777-1800 • Webmaster Privacy Policy © University of South Carolina Board of Trustees