With recent events in the news, we know you have questions and concerns. One of those may be about cybersecurity. Am I or is our company more likely to come under attack? Am I at greater risk? We don’t have all the answers, nor do we know what will happen next. But we know from a cybersecurity perspective that you should continue to focus on the fundamentals; that is key to protecting yourself at home and at work. OIT continues to monitor our normal sources of credible threats, and we are following any suggested steps to minimize the IT risk to you and the campus. While the sense of urgency may have changed, how cyber attackers target us has not. By fundamentals, we mean focus on these three key points.

1. Phishing: Phishing and related scams are when cyber attackers attempt to trick or fool you into doing something you should not do. These scams are often sent as emails, but they can also try to trick us with text messaging, phone calls, or on social media. Anytime someone is creating a tremendous sense of urgency and rushing you to take action, or someone is promoting an offer that is too good to be true, this is most likely an attack.

2. Passwords: Strong passwords are the key to protecting your online, digital life. Make sure all your accounts are protected by a separate and unique, long password. The longer your password, the better. To keep it simple, use passphrases, a type of password made up of multiple words like “honey-butter-happy”. Finally, enable Multi-Factor Authentication (MFA) on your important accounts whenever possible. The campus uses Duo as our MFA, or 2FA, provider.

3. Updating: Keep your computers, devices and apps updated and current by enabling automatic updating on all your devices. Cyber attackers are constantly looking for new vulnerabilities in the devices and software you use. Keeping them updated automatically makes sure these known weaknesses are fixed, and your devices have the latest security features.

In addition, there will be a tremendous amount of false information spread on the Internet. This can be done by a foreign government or criminal organization on purpose to confuse people. Do not trust or rely on information from new, unknown, or random social media accounts, such as posts on LinkedIn, Instagram, Facebook, or Twitter. Many accounts on these sites were created for the sole purpose of putting out fake information. Instead, follow only well-known, trusted news sources that verify the authenticity of information before broadcasting it. Finally, if you wish to donate to any causes in support of recent events, once again, make sure you are contributing to a well-known, trusted charity. There will be many scams attempting to trick people into donating to fake charities run by cyber criminals.

We know that times like these can feel a bit scary, but we also wanted to let you know you will be fine. Continue to focus on the fundamentals in our annual Security Awareness Training. You will go a long way to protecting yourself, no matter who the cyber attacker is. If you SEE SOMETHING; SAY SOMETHING. Call the OIT HelpDesk at 865 -974-9900 if you have questions.