Students, Faculty and Staff Become Cybersecurity Aware Just because you’ve strengthened your cyber defenses this past month doesn’t mean you won’t be attacked by the end of the year.
In 2003, the federal government designated October as Cybersecurity Awareness Month to promote safe technology practices. Ohio University is celebrating the month with several events, including a Data Security Day conference and a cybersecurity-themed movie and trivia night featuring “The Great Hack” at Baker University Theater on Oct. 29 from 7 p.m. will host an event.
There are many different types of cyberattacks that malicious actors can use to steal information, money, and damage software and hardware. Hackers can use malware such as viruses and worms to enter your computer through websites, downloads, or damaged hardware.
Therefore, you should be careful about the sites you visit, the files you download, and the hardware you use.
Avinash Karanth, Dean of the Department of Electrical Engineering and Computer Science, assures us that OU Technology’s hardware is safe.
“You have to be careful when handling the device,” Currans said. “You want to make sure there’s an appropriate level of encryption in place so others can’t access your sensitive information.”
Products from most well-known vendors and developers are secure and students only need to ensure their devices are updated.
Shawn Osterman, associate professor of electrical engineering and computer science, explained that while malware can spread through small networks, there is no single university network that connects all computers remotely. I did. Even if malware does spread via Wi-Fi, it won’t spread as far thanks to the university’s firewalls.
Tin Vuong, a third-year student studying advanced computing programs, said firewalls work by filtering requests sent to a server, preventing requests from outside the local network from being fulfilled. I explained. Most firewalls check for malicious attachments embedded in requests.
Therefore, it is impossible for a university’s entire database to be hacked by a breach from one student’s computer. Students do not have to worry about being responsible for other people’s data, but they must protect their own data.
One of the most dangerous cyberattacks is not one that involves slipping through a backdoor, but social engineering such as phishing. “The most vulnerable attack surface is the user, not the application itself,” Vuong said. Phishing emails often try to trick you into clicking on a link that is actually malware.
There is also a type of phishing in which an attacker impersonates an organization that wants the victim’s information. For example, a phishing email might say, “Hello, this is your bank. Please enter your bank account information or your account will be frozen.”
A more targeted form of phishing is commonly referred to as spear phishing. This type of email can appear to come from someone the victim knows.
“I think (students) are more aware of phishing attacks,” Vuong said.
The Information Technology Agency offers tips on how to identify phishing. The Phish Bowl linked to the website displays the latest high-impact phishing messages being sent to ohio.edu emails.
Students and instructors should be wary of links they receive via email. These links may be disguised as malware. Users can tell whether a link is safe by looking at the prefix “https” in the link.
The OU’s Data Security Day Conference, held on October 9, explored ways to respond to cyber-attacks, including reporting phishing.
One of the best cyber defenses is multi-factor authentication, which OU requires for all users.
“This makes logging into everything on campus very secure,” Osterman said.
MFA works by not only verifying the identity of the person logging in with a username and password, but also a phone number or email address.
“If you know your username and password and have your own cell phone, there’s a very good chance it’s who you say you are,” Osterman said.
Osterman said passwords should never be reused. If a hacker obtains someone’s password on a site, they can use that same password to break into other accounts that use the same password.
“Many of these attacks can be made less dangerous if you use different passwords for everything,” Osterman said.
He recommended a password manager. A password manager recommends secure passwords and stores them so you don’t have to remember them. Although some people may be wary of having third parties accessing their passwords, this is actually the most secure method since the database is encrypted.
Osterman said both Mac Book and Windows password managers are secure, as is his preferred password manager called One Password. Breaking into these password databases requires far more computing power than a hacker wastes on an OU.
From Karans’ perspective, not many faculty members take the modules recommended on the Office of Information Security’s website because similar content is taught in electrical engineering and computer science classes. Faculty members in the department already know the basics of cybersecurity.
“Personally, I don’t think I’ve ever relied on university resources to learn about phishing,” Buon said of the student perspective. “The training is not compulsory, so I think other students will do the same.”
Resources are available for students and teachers to use. Perhaps a full month of advertising will be enough to get enough attention.
rh919022@ohio.edu
