Makerere University

Compromised Systems

By Kyomuhendo Esther Diana

Each day, cybercriminals are finding new ways to break into personal computers and steal important information. That’s why cybersecurity is of the utmost importance, especially when using these devices for work or business. With all of the ways that attackers can infiltrate your computer, it’s important to keep an eye out for the warning signals that your device may have been compromised.

Once you've been compromised, you basically can't trust any of the data files you had on the compromised machine. If you are repeatedly re-compromised, you must be extra careful about examining all of your files, data and habits to figure out where the attacker is hiding.

A compromised computer is defined as any computing resource whose confidentiality, integrity or availability has been adversely impacted, either intentionally or unintentionally, by an untrusted source.

A compromise can occur either through manual interaction by the untrusted source or through automation. Gaining unauthorized access to a computer by impersonating a legitimate user or by conducting a brute-force attack would constitute a compromise. Exploiting a loophole in a computer’s configuration would also constitute a compromise. Depending on the circumstances, a computer infected with a virus, worm, trojan or other malicious software may be considered compromised.

A computer is considered compromised if:

  • The device allowed an unauthorized individual to authenticate and perform tasks on the system
  • The device was physically tampered with in a manner that allows it to capture information and/or bypass controls
  • The device had malicious software installed on it through the action of an activated virus or piece of malware, or through the exploitation of a system vulnerability.

When a system is compromised, it may exhibit some of the following signs:

  • A sudden reduction in the computer's performance,
  • Unusual behaviours, such as windows briefly popping up and closing down,
  • Application programs terminating and restarting again,
  • Sporadic failed logins, even though you are certain you entered the password accurately.

In some cases, the suspicious behaviours may be simply a case of software, hardware or data entry errors, but erring on the side of caution is always advised. If malware is the cause, it can perform a variety of activities on your system, such as capturing sensitive information (including passwords) that you keep in the system, altering stored data, holding your data for ransom, or disrupting service, so it is important to determine, as soon as possible, whether or not malicious activity has occurred.

It is therefore important to know how to deal with a compromised device or computer. There are two main ways to go about this:

  1. Reinstalling your compromised computer
  2. Cleaning an infected computer of malware