
Spring 2021 Cybersecurity Update

University Information Technology Services, Office of Cybersecurity

Overview

Virtual Meeting Security
Ransomware
Email Scams
SMS Scams
Remote Working Safeguards
Data Classification and Use

Virtual Meeting Security via MS Teams & Zoom

Dramatic rise in the use of virtual meeting technologies

Business apps topped 62 million downloads worldwide during the week of March 14-21, 2020

Up 45% from the week prior

Up 90% from the weekly average of business app downloads in 2019

Source: https://www.appannie.com/en/insights/market-data/video-conferencing-apps-surge-coronavirus/

Zoom had over 300 million meeting participants per day in 2020 Source: https://www.businessofapps.com/data/zoom-statistics/

Microsoft Teams hits 75 million daily active users Source: https://www.windowscentral.com/microsoft-teams-hits-75-million-daily-active-users

Threats

Most Zoom-bombing incidents (74% of those organized on 4chan and 59% on Twitter) targeted high school and college classes

Researchers have found that most calls to disrupt videoconferences come from legitimate participants (for example, a student posting the class link and meeting ID so outsiders can join), not from outsiders guessing meeting IDs. A shared passcode therefore does little on its own, because the insider shares it along with the link; what helps is authenticating each attendee individually, so every join is tied to a named account.

Source: https://www.wired.com/story/zoombomb-inside-jobs/

Safeguards – MS Teams University Safeguards

Authentication is a core function of the platform, so attendees must join in one of these ways:
Member of the tenant (NetID with multi-factor authentication)
Guest of the tenant (added via MS Teams membership by a team owner)
Federated / Anonymous (authenticated via a unique link sent to email)
Dial-in (number in the meeting details)

Some additional best practices:
Manage Attendees versus Presenters
Configure meeting options as needed (the default is Everyone):
Who can bypass the lobby
Who can present
Allow meeting chat
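The three meeting options listed above (who can bypass the lobby, who can present, meeting chat) can also be enforced tenant-wide by a Teams administrator instead of meeting by meeting. What follows is an added example, not part of the original slides and not KSU's actual tenant configuration: it uses the Teams PowerShell module's Get-CsTeamsMeetingPolicy, New-CsTeamsMeetingPolicy, Set-CsTeamsMeetingPolicy and Grant-CsTeamsMeetingPolicy cmdlets. The policy name SecureClassMeetings, the pilot account instructor@example.edu, and the specific choices (organizer-only presenting, chat disabled for anonymous joiners) are assumptions for illustration; check the allowed parameter values against Microsoft's current cmdlet documentation before applying them.

```powershell
# Added example (not from the original slides): enforce the Teams meeting
# options discussed above at the policy level rather than per meeting.
# Requires the MicrosoftTeams module and a Teams administrator role.
Connect-MicrosoftTeams

# Step 1: record the current tenant-wide settings before changing anything.
# The slide's "default to Everyone" corresponds to AutoAdmittedUsers = Everyone
# and DesignatedPresenterRoleMode = EveryoneUserOverride: anyone holding the
# link bypasses the lobby and any attendee can take over the screen.
$before = Get-CsTeamsMeetingPolicy -Identity Global |
    Select-Object AutoAdmittedUsers, AllowPSTNUsersToBypassLobby,
                  DesignatedPresenterRoleMode, MeetingChatEnabledType,
                  AllowAnonymousUsersToStartMeeting
$before | Format-List

# Step 2: create a separate policy (assumed name) so the hardened settings can
# be piloted on a few organizers before the Global policy is touched.
New-CsTeamsMeetingPolicy -Identity "SecureClassMeetings" | Out-Null

$hardened = @{
    Identity = "SecureClassMeetings"
    # Who can bypass the lobby: tenant members (NetID + MFA) join directly;
    # guests, federated users and anonymous joiners wait to be admitted.
    AutoAdmittedUsers = "EveryoneInCompanyExcludingGuests"
    # Dial-in callers are identified only by a phone number; they wait too.
    AllowPSTNUsersToBypassLobby = $false
    # Who can present: organizer only, unless the organizer changes it for a
    # specific meeting ("UserOverride" keeps the per-meeting option available).
    DesignatedPresenterRoleMode = "OrganizerOnlyUserOverride"
    # Meeting chat stays available to attendees, but not to anonymous joiners.
    MeetingChatEnabledType = "EnabledExceptAnonymous"
    # An anonymous joiner must never be able to open a meeting with nobody
    # from the organization present.
    AllowAnonymousUsersToStartMeeting = $false
}
Set-CsTeamsMeetingPolicy @hardened

# Step 3: assign the policy to one pilot organizer (assumed UPN) and confirm
# the values took effect.
Grant-CsTeamsMeetingPolicy -Identity "instructor@example.edu" -PolicyName "SecureClassMeetings"
Get-CsTeamsMeetingPolicy -Identity "SecureClassMeetings" |
    Format-List AutoAdmittedUsers, AllowPSTNUsersToBypassLobby,
                DesignatedPresenterRoleMode, MeetingChatEnabledType,
                AllowAnonymousUsersToStartMeeting
```

The "UserOverride" modes leave the Meeting options page available to organizers, so an instructor can still loosen a single session (for example, to let a guest speaker present) without the tenant default being permissive. Policy changes can take some time to propagate; verify by scheduling a test meeting under the pilot account and checking its Meeting options page before rolling the policy out more widely.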

Safeguards – Zoom University Configured Safeguards

Require a passcode when scheduling new meetings, instant meetings and personal meetings

Do not embed the passcode in the join link
Only authenticated users can join meetings
Mute participants when they join meetings

Zoom also proactively monitors for meetings published publicly and, if it identifies a meeting which is at a risk of being disrupted, notifies the host.

Some additional best practices:
Avoid using your personal meeting room for classes
Manage screen sharing
If planning a large event, consider using Zoom Webinars

Ransomware

Ransomware 2020

• Ransomware is a type of malicious software, or malware

• Access to data or systems is denied until a ransom is paid

• It commonly spreads through phishing emails

• It also spreads from infected websites, known as drive-by downloading

Ransomware 2020 Attacks

• 2020 and 2021 have been busy years for ransomware attacks, with worldwide cybercrime losses, of which ransomware is a major component, estimated at over $6 trillion

• Government was the second-most targeted industry in 2020, and education was also heavily targeted

• In March of 2020, a city in North Carolina suffered an attack that impacted essential city and county services, such as fire and emergency response services

• One attack against a university in Tennessee in January 2021 resulted in the loss of usability of all on-campus systems for faculty, staff and students.

• In February 2021, a school district in New York was forced to close all schools due to an attack that locked all user access.

Source: https://www.blackfog.com/the-state-of-ransomware-in-2020

How to Protect Yourself from Ransomware

Store your business-critical files on Microsoft OneDrive, or in the case of confidential data, on your departmental network share, where they are backed up and can be restored if your device is encrypted

UITS centrally manages patches for university devices. If you're unsure whether your device is being patched, details are available on the UITS website linked at the end of this training

UITS centrally manages antivirus defense for university devices.

Forward suspicious emails to UITS at [email protected] or simply delete them

Only install applications from trusted sources; If you're not sure, reach out to the Service Desk

Practice safe web browsing:
Make sure a URL uses HTTPS before entering any personal information, and check the domain name as well: HTTPS only means the connection is encrypted, and a phishing site can use it too
Don't click on pop-up windows or extraneous ads
Don't re-use your NetID password for other accounts
Use a strong, unique password or passphrase for each account, and avoid storing account information on a website

Email Scams

Protecting Yourself from Email Scams

Merriam-Webster defines phishing as: “a scam by which an Internet user is duped (as by a deceptive email message) into revealing personal or confidential information which the scammer can use illicitly.”

What to look for and how to respond:
Look for spelling and grammatical errors in the email.
Do not click on any link provided in an email if you are unfamiliar with the sender.
Always check the source of any gift card request by calling the requester, using a phone number you already know rather than one given in the email.
Received a questionable account update email? Take action:

Report scamming attempts to [email protected]. Delete them! Do not follow the link in the message; if you need to check the account, type the service's address into your browser yourself.

Final Note: If you discover you have been a scam victim, change your password and report the incident to [email protected]. If you are unsure, contact the KSU Service Desk.

SMS Scams

It’s Tax Season: Mobile Scams are Coming.

A recent SMS phishing scam surfaced in the UK in which bad actors informed some citizens that they were due a refund for an “overpayment” and instructed them to “click a link” to begin the process.

What made it more successful than others in the past?

1. Realistic-looking website.
2. Inclusion of current events, such as coronavirus.
3. Correct terminology was used.
4. They knew their audience. Since it was a UK scam, they asked for the victim's “National Insurance Number,” as opposed to an SSN for U.S. residents.

Source: https://threatpost.com/believable-tax-scam-mobile-users/163951/

The Truth is...

“The IRS doesn't initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. This includes requests for PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts.”

"The IRS will never initiate contact with taxpayers via email about a tax bill, refund or Economic Impact Payments."

Picture source: http://401kcalculator.org

Remote Working Safeguards

Some of the Issues

Since COVID began, the FBI has been receiving 3,000-4,000 cyber complaints per day*

Infecting systems with malware is a large problem; many users are working on personal PCs

Distractions while at home make users more susceptible to social engineering and human error

Over 37% had difficulty managing new devices using remote work resources**

28% report using personal devices for work more than their company devices**

* https://www.engadget.com/fbi-cybercrime-complaints-increase-fourfold-covid-19-091946793.html
** https://www.techrepublic.com/article/how-the-shift-to-remote-working-has-impacted-cybersecurity/

Things to Consider
Secure your home wireless network
Store University data in an appropriate location
Always use your GlobalProtect VPN
Use a password manager to securely manage passwords
Don't reuse passwords; make them unique

Data Classification and use

Can I Store or Email…? Refer to the KSU Document Management Matrix*

Confidential data: the most restrictive data classification

Sensitive data: requires special precautions to protect against unauthorized use, access and disclosure, and to guard against improper modification, loss or destruction

Public information: that which can be found, for example, in a company directory listing

FERPA-protected information can span multiple categories; be cautious when emailing student information

*https://uits.kennesaw.edu/document-management/index.php

Frequently-Asked Questions

Why does my email or SharePoint/MS Teams/OneDrive file keep getting blocked?
How can I securely email a document outside of KSU?
Should I store my tax information in SharePoint/MS Teams/OneDrive?
How can I safely share data within my department?

KSU IT Resources

Document Management Matrix: https://uits.kennesaw.edu/document-management/docs/Updated%20Data%20Matrix%20-%20July%202020.pdf

Overriding blocked emails/stored documents: https://apps.kennesaw.edu/files/pr_app_uni_cdoc/doc/o365_Blocked_Emails.pdf

Jirafeau (secure document attachment) site: https://jirafeau.kennesaw.edu

To report phishing or SPAM: [email protected]

UITS Service Desk: https://service.kennesaw.edu

Thank you