In the ever-evolving landscape of IT security, it’s crucial to stay informed about recent attacks to understand the threats we face. Today, we’ll discuss a significant cybersecurity incident that occurred in November 2023. 

The Boeing Data Breach 

On November 2, 2023, aircraft manufacturer Boeing reported a “cyber incident” that impacted several elements of its business. The company is working with law enforcement to investigate the attack. 

The LockBit ransomware gang initially claimed responsibility for the attack and posted a threat directed at Boeing on their website. However, there is no clear evidence available at this point to suggest Boeing has paid the organization a ransom. 

The Impact 

Boeing has confirmed that the incident has no bearing on flight safety. However, the full extent of the impact is still under investigation. Data breaches can lead to significant financial losses, damage to reputation, and potential regulatory fines. 

Lessons Learned 

This incident serves as a reminder of the importance of robust cybersecurity measures. Here are some key takeaways: 

1. Use the University’s Approved OneDrive: Store all University data on the University’s approved OneDrive instance. This ensures that your data is secure and compliant with the University’s data policies. It also provides recovery capabilities in the event of an incident. 

2. Use O365 Defender and InTune Suite: Utilize the O365 Defender and InTune suite for your security needs. These tools provide comprehensive protection for your devices and data. 

3. Enable Multi-Factor Authentication (MFA): Always enable MFA on your University and University-related accounts. This adds an extra layer of security by requiring a second form of identification beyond just your password. When purchasing software, look for applications that support Single Sign-On (SSO). This allows your UT account, with MFA, to grant you access. As a bonus, you won’t have to memorize a new password! If you are unsure if the software supports SSO, contact the vendor. 

4. Be Wary of Phishing Attempts: Be cautious of unsolicited communications asking for your personal information or directing you to log in to your accounts. Also, be cautious of any job opportunities you receive in email. Always verify the source before replying or clicking on any links. Whenever possible, manually type in the website address of the site, or use a known-good bookmark, to access the site. 

5. Keep Your Devices Updated: Regularly update your devices and applications to the latest versions. These updates often include patches for security vulnerabilities. 

6. Use Secure Networks: Avoid using public Wi-Fi for sensitive transactions. If you must, use the UT Pulse Secure Virtual Private Network (VPN) to encrypt your data. 

Remember, cybersecurity is everyone’s responsibility. Stay safe online!