Staying Safe Online
Universities at increased risk of cyber attack. 5 tips to protect you and UCC online.
Universities at increased risk of cyberattack
A recent report from the International Criminal Police Organization (INTERPOL) found that cybercriminals are attempting to exploit the increased online dependency of organisations and the vulnerabilities related to working from home. There have been many reports of high profile hacking and ransomware attacks against major companies and universities since the beginning of the Covid-19 outbreak. However, despite the many changes in technology used in attacks and working conditions, malicious email remains the top cybersecurity vector. Over the past six months most successful attacks against universities and companies can be traced back to a staff member clicking on a link in a malicious email.
In Maastricht University a ransom of €197,000 was paid after a cyberattack disabled large portions of their IT infrastructure including their ability to run payroll. This attack was traced back to two employees clicking on a malicious link in an email.
5 tips to protect you and UCC online
- Don’t think “it won’t happen to me” - studies show 94% of employees are unable to spot all phishing emails.
- Be cautious when clicking on links - especially email originating from outside of UCC. All emails sent externally are tagged.
[EXTERNAL] This email was sent from outside of UCC.
- Never reuse passwords - staff members should not use their UCC email to sign up to third party apps (e.g. LinkedIn, MyHerritage etc.) Previous breaches of external companies have led to email addresses and passwords being sold on the dark web.
- Use long, complex passwords - password managers can help - www.wired.com/story/best-password-managers/
- Use multifactor authentication - the best defence for your account. This is already on your UCC email account and you should use this wherever it is available (Gmail, Facebook, Twitter etc.)
Your Account Security
If you have clicked on a link in a malicious email or entered your details please change your password immediately using the Self Service Password Reset tool.
Breach notification - obligation
Report ALL incidents involving loss or unauthorised disclosure of personal data (e.g. emails sent to the wrong person or files lost / stolen) to your line manager and to the University’s Information Compliance Manager / DPO, Catriona O’Sullivan, – firstname.lastname@example.org or email@example.com - as soon as you become aware of the incident.
Working Securely when Off Campus
Read more about working securely remotely HERE