ISO Advisory | Cybersecurity & Ukraine Invasion
With recent events in the news, questions and concerns have been raised regarding our cybersecurity risks here at ODU.
Are we at an elevated cybersecurity risk at ODU, or as American citizens?
It remains uncertain what broader fallout there will be due to current geopolitical turmoil. Whether initiated by Russia, or by third parties who use the Ukraine invasion as a distraction, one thing is certain, we should continue to focus on the fundamentals. Doing so is key to protecting yourself at home and at ODU.
While there is a current sense of urgency, how cyber attackers target us has not changed. Focus on these three key fundamental cybersecurity points.
- Phishing: Phishing and related scams are when cyber attackers attempt to trick or fool you into doing something you should not do. Often these scams are sent as emails, but they can also try to trick with you text messaging, phone calls or on social media. Anytime someone is creating a tremendous sense of urgency and rushing you to take an action, or someone is promoting an offer that is too good to be true, this is most likely an attack.
- Passwords and 2-factor authentication:
- Strong passwords are the key to protecting your online digital life. Make sure each of your accounts is protected by a unique, long password. The longer your password the better. To keep it simple, use passphrases, a type of password made up multiple words like "honey-butter-happy".
- Can't remember all your passwords? That is why we use MIDAS Single Sign-On at ODU, and for personal passwords, we recommend you use a Password Manager to securely store all your passwords.
- Whenever possible, enable 2-Factor Authentication (2FA) on your important accounts.
- Do not use privileged administrative accounts for routine work on your computer, whether personal or at ODU. Doing so provides an added opportunity for an attacker to leverage the privileged access that the administrative account provides.
- Updating and configuring: Keep your computers, devices, and apps updated and current by enabling automatic updating on all your devices, including anti-virus software. Enable security features like the local firewall. Cyber attackers are constantly looking for new vulnerabilities in the devices and software we use. Keeping them automatically updated makes sure these known weaknesses are fixed and your devices have the latest security features.
In addition to cybersecurity, be aware of false information that is purposely published to confuse people. Do not trust information from new, unknown, or random social media accounts, such as posts on LinkedIn, Instagram, Facebook, or Twitter. Many accounts on these sites were created for the sole purpose of putting out fake information. Follow well-known trusted news sources who verify the authenticity of information before they broadcast it. If you wish to donate to any causes in support of recent events, make sure you are donating to a well-known, trusted charity. There will be many scams attempting to trick people into donating to fake charities that are run by cyber criminals.
Savvy threat actors are going to try their best to capitalize upon the anxiety, fear, and emotion many of us will be dealing with during uncertain times. Continue to focus on the fundamentals and you will go a long way to protecting yourself, no matter who the cyber attacker is.
For more information on cybersecurity, please visit our awareness page at www.odu.edu/safecomputing.