Risks and dangers

The dangers to IT security are manifold. Not only malware (ransomware, encryption software, Trojans), but also phishing emails, spam, security gaps in hardware and software in addition to direct attacks by hackers threaten the security of technical networks, devices and data.

There is no total protection against such risks. Be aware of them. Follow the basic IT rules. Find information on IT security websites, the Federal Office for Information Security (BSI) or data protection websites. Attend information events offered by the university on the topic. The BSI's online course for "digital first aiders" is also informative, with tips on how to help yourself if the technology gets faulty.

How could this happen?

• by clicking on a phishing link in an email, the email password has been exposed to third parties
• the computer has swallowed malware unnoticed (e.g. by clicking on an e-mail attachment) and either sends spam e-mails or downloads further malware.
• surfing to "unsafe" but also supposedly safe sites on the internetet
• Exchanging files and programmes via mobile data carriers such as USB sticks/CDs/DVDs or file attachments of e-mails
• Installing software from unsafe sources

Depending on its type, malware can cause different types of damage to your devices. From deleting or encrypting individual files to completely taking over your device.

Examples of malware are computer viruses, Trojans, worms, spyware. You can find more information on this topic at: Malware - an omnipresent danger.

How can I tell that I am "hacked"?

Typical signs of this are:

• Complaint mails arrive more frequently or own mails are returned.
• Internet and/or mail access only work slowly or not at all: If limits are exceeded when connecting or sending mails, automatic blocks take effect.
• The computer reacts "strangely" or slowly (network load constantly high, even if you are not working intensively on the computer).

The URMZ reacts when it becomes known and blocks the university account and mail access. As soon as the URMZ can be sure that your account is no longer compromised and no longer poses a threat to others, your access will be reactivated after your password has been reset. Computers with malware must be re-installed to ensure that no further unwanted malware is hidden.

What does data privacy have to do with it?

Compromising a mailbox or IT device that contains personal data is already a violation of the protection of that data. In addition to IT security, be sure to inform data protection. They will assess the risk together with you and whether further measures, such as reporting to the supervisory authority, may be necessary. Information on reporting channels and deadlines as well as the form for reporting can be found at the Data Protection Officers' websites.

What should I do if I suspect something?

University network:

• Immediately disconnect the device from the university network (pull the network cable or switch off WLAN)! This will prevent viruses from being passed on to other devices in the same network.
• If it's a device from the university:
  • Immediatly report to the  service desk with the following information: Who is reporting, which IT system is affected, what did you observe or how did you work, when did the event occur, where is the affected IT system (building, room, workstation)?
  • If additional personal data is affected, also inform the data protection officers

private devices:

• Complete formatting of all hard disks
• Reinstalling from trusted software sources, incorporating IT ground rules
• All access data/connection information used should be changed immediately (also applies to Internet access data such as e-mail or bank access).
• Mobile data carriers could be included in the check for malware infestation and deletion

You can find more information on the topic at:  Infection removal: Remove malware

Detecting phishing attempts

Information on security in the home office as well as playful exercises to recognise and ward off phishing attempts:

WorkFromHome(Swiss company Lucy Security)