Today@Sam Article
Cybersecurity In The Summer
July 7, 2021
SHSU Media Contact: Wes Hamilton
Story by Mikah Boyd
Summers are often packed with vacations for students, faculty, and staff alike, and while it’s great to use this time to unplug, emails for work and personal use are still susceptible to cyberattacks. SHSU Information Security Officer, Steven Frey provided some tips on how to keep your accounts secure while you enjoy summer.
The first and easiest way to keep your information and accounts protected is to always lock devices when they aren’t in use.
“Never leave your computer or phone logged in and unlocked if you step away, even at home or other trusted locations,” Frey said. “A cat walking across your keyboard can wreak havoc on your device and account.”
Keeping devices locked is especially important when on a longer break, as Frey explained that phones are constantly loading emails even if they won’t be opened for weeks. While it’s not fun to look through emails while on break, it is better to catch a phishing attack or scam sooner rather than later.
“Be sure you recognize the URL of a site before you login with your username and password,” Frey said. “And be careful what you post on social media that could help others steal your account or identity.”
A major part of being prepared for an attack on personal files or documents is having a secure backup prepared. Frey recommends people utilize Microsoft OneDrive, which is offered to all SHSU partners, or other cloud services that easily create backup copies of files. For those who prefer not to use cloud services, removable hard drives can help store important files but should be stored in a secure location if the information on it is sensitive.
“For files that contain sensitive information, be sure to protect them with encryption,” Frey said. “Most compression utilities like 7-zip or Compressed Files in Windows allow you to password protect your files. Certain documents like Word and PDF make this easy as well. Just be sure to use a strong password, because there are tools out there that makes cracking weak passwords on documents child’s play.”
Not sure how to create a strong password? SHSU students, faculty, and staff can take advantage of free LastPass premium, a password manager that can help create strong passwords and remember them. Through this partnership, users can access the premium features of the browser extension and store sensitive information, as well as password data.
Even with data backed up and accounts secured, it is important to keep an eye out for cybersecurity attacks such as phishing and ransomware. For this, Frey outlined how to identify these attacks and how to respond:
“For your SHSU account, check out the SHSU Phish Bowl to see if we have already confirmed a phishing email that looks like the one you received.
In general, consider the below:
- Was the email unexpected?
- Look at the “From” email address, not the name. The name can be easily forged. On some phones, you may have to expand the “From” section of the email to see the details.
- Examine the email for a sense of urgency, questionable links or attachments, or uncommon word usage.
For cyberattacks that impact SHSU, we have a page set up for people to report these types of incidents to IT. Just navigate to https://shsu.edu/report-it, click on the icon and follow the instructions. If you are not sure, you can always contact the IT@Sam Service Desk at servicedesk@shsu.edu or call 936.294.1950.”
IT@Sam Representative Stephanie Smith has outlined how to spot and handle a ransomware attack in the IT@Sam Newsletter. Protecting files from this sort of attack also requires backup, but identification and response to the attack is different.
Ransomware attacks typically start with a splash screen popping up when the computer is started. This screen may have instructions on how to pay the cybercriminal for your information. It is also common for files on the computer to be corrupted or inaccessible, as well as a new file being present in folders labeled as “decrypt your files” or “open me,” which will also have instructions for payment.
In this situation, turn off the computer immediately and do not follow the instructions to pay the cybercriminal, as this will leave the files open to attacks in the future. After shutting down the computer, notify the IT@Sam Service Desk.
Following these steps will help SHSU users work together to protect the university and their peers from cybersecurity threats.
“One of our new sayings is, ‘I am a Bearkat, and awareness is my armor.’ Cybersecurity is everyone’s responsibility,” Frey said. “IT will do our part in protecting the university with technology, but every one of us need to be aware of the threats out there and of the best practices when using IT.”
For more cybersecurity tips, read through the IT@Sam Newsletter and follow them on Twitter, Facebook and Instagram at @SHSUServiceDesk.
- END -
This page maintained by SHSU's Communications Office:
Director of Content Communications: Emily Binetti
Asst. Director Content & Social Media: Emilee White
Communications Manager: Mikah Boyd
Telephone: 936.294.1837
Communications Specialist: Campbell Atkins
Telephone: 936.294.2638
Please send comments, corrections, news tips to Today@Sam.edu