October is Cybersecurity Awareness Month, and it’s important to know how one can protect themselves in an almost completely digital society. Since 2004, the president of the United States alongside Congress have declared October to be a dedicated month for public and private organizations alike to work together in order to raise cybersecurity awareness. [1]
The Cybersecurity and Infrastructure Security Agency provided four ways the public can stay safe and vigilant while using the internet. These four steps include using strong passwords, turning on multi-factor authentication, recognizing and reporting phishing, and staying on top of updating tech software. Of course, the CISA urges everyone to practice these four steps year round, and not just during the month of October. [1]
Graduate student Michael Khouri and undergraduate students Joanna Rann, Adam Sylvestre and Vinh Nguyen from the Information Security Office agreed to sit down for an interview to talk about the importance of Cybersecurity Awareness Month and how students and faculty alike can keep their information and devices safe.
Khouri explained the importance and significance of Cybersecurity Awareness Month and emphasized how dangerous and common many cyber viruses can be. “Cybersecurity Awareness Month was made to help push awareness campaigns to citizens on any new vulnerabilities or threats that regular citizens should be aware about, how they could handle it and how they can be more secure and confident with their own online and personal information. Every year, this changes because there’s always new threats happening and new ways that people’s online information could be accessed. The whole idea is just to make them aware and make sure that they know the tools that can be used on their everyday devices to help prevent that.”
UMass Boston, as is expected of any research university with valuable information stored online, receives cybersecurity threats everyday. The talented information security analysts that work for the University are able to put a stop to many of these threats, and they try their best to push out as much information as possible for threats they can’t interact with directly. In this case, phishing emails are what seem to impact UMass Boston students and faculty the most.
“A lot of threats are phishing emails. We get a lot of phishing emails that come by,” Nguyen stated. “Some of them are really well fleshed out and really well made to the point where it captures a lot of people, especially staff members who aren’t really technologically aware—not as much as we are, because we deal with these things every day. But I think that, for me, at least, that’s what we see a lot on campus.”
What makes phishing emails so dangerous, yet so easy to fall for, is that hackers will impersonate another business or individual to lure the victim into giving up their personal information. [2]
Sylvestre also added the threat of compromised accounts, increasing the likelihood of a hacker getting into an individual’s account. “We also run into a lot of compromised accounts. For example, maybe someone’s password gets leaked or something like that, then they [the attacker] will be able to get inside that person’s account.”
The ISO urges individuals to be careful when downloading applications to their devices, as there could be very dangerous code embedded in the application. “On a rare account, it could be ransomware on a device, meaning they might download an application that they think is safe, but behind it, it has malicious code,” said Khouri. “When they open the app, it says, ‘we’re gonna actually pause that you cannot access this computer, and either you pay this program (the ransom) or your information will be deleted.’ That’s usually the general ransomware-ness, and from there we try to take a hold of that.”
While this seems like a very overwhelming and scary scenario to deal with, the ISO is here to help any students and faculty that may feel worried they aren’t protected, or if they just want to broaden their cybersecurity knowledge. Rann and the rest of the cybersecurity team have announced they will be doing tabling events in Campus Center throughout the entire month of October, in order to encourage the student body to stay vigilant and protected online.
Tabling occurs two times a week for every week in October. These dates and times include:
Wednesday, Oct. 4 from 1:30 p.m. to 3:30 p.m.; Thursday, Oct. 5 from 11:00 a.m. to 1:00 p.m.; Tuesday, Oct. 10 from 10:00 a.m. to 12:00 p.m.; Wednesday, Oct. 11 from 10:00 a.m. to 12:00 p.m.; Monday, Oct. 16 from 9:00 a.m. to 12:00 p.m.; Tuesday, Oct. 17 from 10:00 a.m. to 1:00 p.m.; Thursday, Oct. 26 from 12:00 p.m. to 2:00 p.m.; Friday, Oct. 27 from 11:00 a.m. to 1:00 p.m.; Monday, Oct. 30 from 11:00 a.m. to 1:00 p.m.; and Tuesday, Oct. 31 from 11:00 a.m. to 2:00 p.m. [2]
Sources:
- CISA Website https://www.cisa.gov/cybersecurity-awareness-month