Security

National Cyber Security Awareness Month Week 3

October is National Cyber Security Awareness Month

It’s time for week 3 of National Cyber Security Awareness Month! This week’s theme is “Today’s Predictions for Tomorrow’s Internet”

Week 3 will remind you that your personal data is the fuel that makes smart devices work. While there are tremendous benefits of massive interconnectivity, it is critical to understand how to use cutting-edge technology in safe and secure ways.

Week 3 Activities

Join Chico State alumni Matthew Myrick next week in a discussion about his experiences as a cyber security expert and Deputy Chief Information Security Officer for Lawrence Livermore National Laboratory.

  • Date: Monday, October 23
  • Time: 10am
  • Location: Colusa 100A
  • Cost: FREE
  • Topics will include:
    • Cyber Threats & Mitigations
    • General Security Hygiene
    • What you can do to better prepare for a job in Cyber Security.
  • Brought to you by the Department of Computer Science!

 For more information check out the campus’ National Cyber Security Awareness Month page.

Security

National Cyber Security Awareness Month Week 2

October is National Cyber Security Awareness Month

Week 2 October 9-13 Theme: Cyber security in the Workplace is Everyone’s Business

Creating a culture of cyber security is essential and a shared responsibility among all employees. Week 2 will showcase how organizations of all types can protect themselves and their employees against the most common cyber threats.

This week Information Security will be initiating a PhishMe campaign. You can help keep the campus secure by making sure you are up to date on your required CSU security awareness course and by taking the optional SANS Security Awareness Trainings.

REMINDER: Student employees, if you have not changed your password yet this semester please do! Passwords that are not changed will expire at the end of the semester.

For more information, check out the National Cyber Security Awareness Month Week 2 page

Security

October is National Cyber Security Awareness Month

October is National Cyber Security Awareness Month
Week 1 – October 2-6 Theme: Simple Steps to Online Safety

Cyber-attacks are in the news nearly every day.  Whether it’s the presidential campaign or the credit bureaus, we are reminded daily of the impact that cyber-attacks have on our lives.  October is National Cyber Security Awareness Month, which is an annual campaign to raise awareness about the importance of cyber security.  Please consider participating in our campus effort to raise awareness surrounding cyber security and privacy this month.   You can help by reviewing some simple steps to protect the campus and yourself, or by viewing a short cyber-security awareness video.

So please join-in.  Look for a new theme each week as well as events and a raffle.

For more information please visit the CSU, Chico National Cyber Security Awareness Month page.

Or

WEEK 1: October 2-6 – Simple Steps to Online Safety

Security

Students Targeted by Email Job Scams

CSU, Chico students are often targeted with scams promising jobs. Students have been scammed out of money or had campus accounts compromised by job-related phishing scams. ITSS recently used PhishMe to raise awareness of this type of scam. We modeled the PhishMe campaign after an actual job scam that had recently targeted CSU, Chico students.

The campaign was a “double barrel” format wherein an initial email references a forthcoming email to build trust. The second email will attempt to obtain account credentials, personal information for identity theft, or will request payment for materials needed for the fake job.

2.46% of CSU, Chico students were found by PhishMe to be susceptible to this type of scam and were redirected to educational phishing material. While this is lower than previous campus PhishMe campaigns it still leaves room for improvement.  Be aware of emails that:

  1. Ask you to click on a link or open an attachment.
  2. Create a sense of urgency.
  3. Evoke strong emotions, like greed, jealousy, or fear.
  4. Request sensitive data.

CSU, Chico will never ask for passwords or other sensitive data via email. Always check the URL of the site you are visiting. In many instances, a phishing email will direct you to an imitation website that appears legitimate, but attempts to steal your password or other sensitive data.

ITSS has worked with Student Employment and the Career Center to collect actual job scam examples that have recently targeted CSU, Chico students:

job scam example

job scam example

If an email or job offer sounds too good to be true it probably is. Most legitimate jobs do not require you to pay money or send personal information via email. Don’t hesitate to check with ITSS if you are unsure about the authenticity of an email you’ve received.

Security

Petya Ransomware Warning

The campus is aware of a new cyber-attack that is being reported widely in the news.  The Cyber-attack is called Petya, and it is primarily spread through Phishing and old Windows software vulnerabilities.

The campus server, network, and desktop teams are actively monitoring and working to protect the campus from this attack.

What you need to know:

  • This is a Windows Operating System, not a Mac OS or IOS attack.  However, Mac OS and iOS can forward links and attachments which contain the attacking “malware.”  Mac OS systems should run anti-virus/anti-malware software.
  • If you have a campus managed computer, your computer should have received the security patch for this attack in March.
  • Be very vigilant about opening email messages, Phishing is the primary method of attack.  More information about phishing: http://www.csuchico.edu/isec/basics/spam-and-phishing.shtml.
  • If your computer reboots unexpectedly and acts uncharacteristically slow, or prompts you stating that “your files are no longer accessible,” turn off your computer and contact ITSS.
  • Make sure that you store your files on the campus Box instance or Bay file server.  If your computer is compromised, your files will be permanently lost unless a backup exists.

What does “managed” mean, and how can I tell if my campus computer is managed?

Managed means that your workstation or server is configured to use the campus ITSS management system SCCM.  You can verify this by entering “Software Center” in the Start Menu search.  You can also tell if your computer notifies you regularly that updates are being installed. If you believe that your campus computer is not managed please contact ITSS.

What do you need to know for protecting your home or personal computer?

  • Make sure that your computer has the latest Microsoft Patches installed.
  • Patch any other non-Microsoft software installed on your computer.
  • Make sure your files are backed-up.
  • Make sure that you are running an anti-virus program that is receiving current updates.

More information about Petya ransomware is available at https://www.us-cert.gov/ncas/current-activity/2017/06/27/Multiple-Petya-Ransomware-Infections-Reported