Carnegie Mellon University
October 03, 2016

National Cyber Security Awareness Month (NCSAM)

Dear Staff, Faculty, and PhD Students,

October is National Cyber Security Awareness Month. This year’s theme is “Our Shared Responsibility”. Nothing could be more true when it comes to cyber security.

We all play a role in keeping our electronic information, applications, computers, and networks secure and working effectively. We do this to protect each other, our families, our students, sponsors, and the university. Several recent incidents serve as reminders of the importance of reporting concerns, backing up your data, remaining vigilant to scams, and other good security practices, both on campus and at home.

1. In recent months several members of our community fell victim to phishing scams that led to the release of their Andrew credentials. Andrew credentials provide access to a myriad of CMU systems and resources, such as email; Workday, our human resources and payroll system; S3, our student information system; licensed software; etc. Armed with only a valid Andrew ID and password, an intruder can read, modify, or delete data, or perform any other function authorized to the compromised account. Timely reporting and vigilance to phishing are contributions we all can make to reduce the impact of phishing attacks.

2. Ransomware is hitting campus at an increasing rate. Ransomware is one of the fastest growing security threats. Files stored on or accessible from the infected computer are encrypted and ‘held hostage’ until a ransom is paid. Ransoms typically amount to several hundred dollars. Having a good backup is often the only way to recover, but we’ve also had success recovering if the user was not logged in with administrator privileges. Ransomware is typically delivered via email scams and malicious websites, so take care while surfing, clicking, and opening attachments.

3. In the last two weeks Yahoo reported a breach of 500 million user accounts and passwords. Yahoo’s breach is a good reminder to periodically change your passwords (the breach actually occurred in 2014), never reuse your Andrew ID or password, and avoid setting the same password recovery questions and answers across multiple systems. If you receive a breach notice or a request to reset your password from a third party and you used your Andrew ID and/or password to create the third-party account, change your Andrew password immediately and contact the ISO at x8-2044.

4. Intruders move laterally. As advanced threats target colleges and universities to steal research and resources, we are learning more about the techniques and tools they use. Once a foothold is gained on one computer, intruders can use that position to more easily attack a neighboring computer or colleague. By protecting ourselves with security basics to avoid becoming compromised, we protect each other.

5. We have blind spots. The ISO and other IT teams monitor campus network traffic for signs of attack and respond to phishing. We have a blind spot, though, when it comes to home computing. There we rely exclusively on you to report any concerns. Fortunately, community members are doing a great job reporting concerns and promptly responding to the ISO’s outreach. We thank you.

There’s another “thank you” owed. Computing Services and other campus IT providers continually work to provide more secure and usable services in response to evolving threats. Please join me this month in thanking our IT providers for the part they play in keeping our defenses strong.

Finally, if you would like to learn more about these and other topics and initiatives, visit the ISO’s NCSAM web page and plan to join a discussion in Rangos 3, CUC on Monday, October 24, 2016 from 9:00 – 11:30 a.m. Feel free to email me if you have questions or topics of particular interest.

It’s a privilege partnering with you to keep the university’s data and systems secure.

Sincerely,

Mary Ann Blair
Director of Information Security
Information Security Office
Computing Services
Carnegie Mellon University
https://www.cmu.edu/iso
Phone: 412-268-8556
ISO Hotline: 412-268-2044