As we wrap up 2021’s Cybersecurity Awareness Month, I wanted to talk about the future of the UAH OIT Cybersecurity program.
First of all, I am planning future Cybersecurity Awareness Months that will be even bigger, with planned speakers and in-person events. Look for that announcement in early fall 2022.
Thanks to great sources of information like the Verizon Data Breach Investigation Report (DBIR), we know that attacks against universities have escalated in the past year and are anticipated to grow along similar lines in the future. According to the DBIR, the two most common types of attacks against educational institutions were social engineering and inadvertent misconfiguration.
Social engineering
Social engineering attacks include targeted phishing attacks against faculty and staff, impersonation (pretending to be a university officer emailing from a personal account), baiting (promises of cash and prizes) and pretexting (scare tactics). These attacks continue to have an alarmingly high success rate across educational institutions.
To help counter social engineering attacks, user education and communication will be a particular point of emphasis in 2021-22. To that end, the OIT cybersecurity team will be working toward the following goals:
- Creation of a monthly Cybersecurity newsletter
- Quarterly meetings with the system administrators
- Phishing simulations and training for faculty and staff
Inadvertent Misconfiguration
The next most common avenue of attack last year was configuration errors, which are unintentional actions that directly contribute to a security incident. Examples of these unintentional actions include failure to apply updates to systems, installing software and browser extensions from suspicious locations, and leaving unnecessary services running on systems.
Regardless of the type of attack, most attackers were financially motivated, hoping to exfiltrate valuable data, encrypt the data at the university, and extort the university for payment.
To help address misconfigurations, malware and ransomware attacks, we recently deployed the CrowdStrike endpoint security platform to UAH assets. This robust anti-malware and anti-ransomware solution enables rapid response to security incidents and allows security staff to appropriately monitor endpoints for misconfigurations and indications that they have been compromised by malicious actors.
The deployment of CrowdStrike endpoint security was just the first step toward reducing the risk to UAH information systems and assets.
We have plans for other security initiatives that align with the NIST Cybersecurity Framework requirements to produce consistent, repeatable cybersecurity results. As these plans near implementation, I will provide additional details via articles and announcements in various newsletters.
Thank you for reading the cybersecurity articles this month. Only by remaining vigilant and diligent in the protection of UAH data and assets will we be able to stay ahead of the attackers and educate individuals in leadership, innovation, critical thinking, and civic responsibility while inspiring a passion for learning.
Do your part and #BeCyberSmart.
For questions or more information, contact ciso@uah.edu