{"id":19694,"date":"2020-07-02T12:56:57","date_gmt":"2020-07-02T16:56:57","guid":{"rendered":"https:\/\/michigan.it.umich.edu\/news\/?p=19694"},"modified":"2024-07-08T06:04:54","modified_gmt":"2024-07-08T10:04:54","slug":"19694","status":"publish","type":"post","link":"https:\/\/michigan.it.umich.edu\/news\/2020\/07\/02\/19694\/","title":{"rendered":"Check systems for signs of compromise"},"content":{"rendered":"\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"344\" src=\"https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920-700x344.png\" alt=\"&quot; &quot;\" class=\"wp-image-19695\" srcset=\"https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920-700x344.png 700w, https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920-300x147.png 300w, https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920-200x98.png 200w, https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920-768x377.png 768w, https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920-1536x755.png 1536w, https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920-665x327.png 665w, https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920.png 1600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><figcaption>(<a href=\"https:\/\/pixabay.com\/users\/bluebudgie-4333174\/?utm_source=link-attribution&amp;utm_medium=referral&amp;utm_campaign=image&amp;utm_content=2681372\">bluebudgie<\/a> from <a href=\"https:\/\/pixabay.com\/?utm_source=link-attribution&amp;utm_medium=referral&amp;utm_campaign=image&amp;utm_content=2681372\">Pixabay<\/a>)<\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Has a system you are responsible for been compromised? How would you know? What should you do?<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Almost all IT professionals at some time in their career have faced these questions.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Information Assurance (IA) offers guidance for checking your systems for signs of compromise, or simply suspicious activity.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Start by checking system and software logs for the following components to be sure they are running as expected and have no unexpected configuration changes:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Antivirus and malware detection software<\/li><li>Network activity<\/li><li>Changes to the operating system or files and directories<\/li><li>Unexpected changes, including to protections like firewalls<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Be sure to check your antivirus and malware detection software logs for any alerts to possible problems after they have run.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/safecomputing.umich.edu\/it-security-professionals\/tools-templates\/checking-for-compromise\">Checking Systems for Signs of Compromise<\/a> covers these points and more to help you know when you could be facing a potential IT security incident. If you are, or just need help with checking a system, ITS Information Assurance (IA) is there to help! Contact IA through the <a href=\"https:\/\/its.umich.edu\/help\">ITS Service Center<\/a>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Sensitive U-M data?<\/strong> If a system contains sensitive U-M data and you suspect it has been compromised in any way, report it immediately to IA at <a href=\"mailto:security@umich.edu\">security@umich.edu<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Has a system you are responsible for been compromised? How would you know? What should you do? Almost all IT professionals at some time in their career have faced these questions. Information Assurance (IA) offers guidance for checking your systems for signs of compromise, or simply suspicious activity.&nbsp; Start by checking system and software logs for the following\u2026 <span class=\"read-more\"><a href=\"https:\/\/michigan.it.umich.edu\/news\/2020\/07\/02\/19694\/\">Read More &raquo;<\/a><\/span><\/p>\n","protected":false},"author":49,"featured_media":19695,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","_umich_oidc_access":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_ef_editorial_meta_date_first-draft-date":"","_ef_editorial_meta_paragraph_assignment":"","_ef_editorial_meta_checkbox_needs-photo":"","_ef_editorial_meta_number_word-count":"","footnotes":""},"categories":[27],"tags":[563],"class_list":["post-19694","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-safe-computing","tag-virus"],"uagb_featured_image_src":{"full":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920.png",1600,786,false],"thumbnail":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920-200x98.png",200,98,true],"medium":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920-300x147.png",300,147,true],"medium_large":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920-768x377.png",665,326,true],"large":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920-700x344.png",600,295,true],"1536x1536":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920-1536x755.png",1536,755,true],"2048x2048":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920.png",1600,786,false],"excerpt-thumbnail":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920-200x140.png",200,140,true],"themonic-thumbnail":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920-60x42.png",60,42,true],"ioslider-thumbnail":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920-658x300.png",658,300,true],"post-thumbnail":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920-665x327.png",665,327,true],"400x250-crop":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2020\/07\/magnifying-2681372_1920.png",400,197,false]},"uagb_author_info":{"display_name":"Matt Ranville, ITS Privacy Office","author_link":"https:\/\/michigan.it.umich.edu\/news\/author\/mrr\/"},"uagb_comment_info":0,"uagb_excerpt":"Has a system you are responsible for been compromised? How would you know? What should you do? Almost all IT professionals at some time in their career have faced these questions. Information Assurance (IA) offers guidance for checking your systems for signs of compromise, or simply suspicious activity.&nbsp; Start by checking system and software logs&hellip;","_links":{"self":[{"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/posts\/19694","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/users\/49"}],"replies":[{"embeddable":true,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/comments?post=19694"}],"version-history":[{"count":3,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/posts\/19694\/revisions"}],"predecessor-version":[{"id":19698,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/posts\/19694\/revisions\/19698"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/media\/19695"}],"wp:attachment":[{"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/media?parent=19694"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/categories?post=19694"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/tags?post=19694"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}