ncsam

Celebrated every October, National Cyber Security Awareness Month was created as a collaborative effort between government and industry to ensure everyone has the resources needed to stay safer and more secure online. As an official Champion, Wentworth Institute of Technology recognizes its commitment to cybersecurity and online safety.

Throughout the month, we will be sharing cybersecurity tips and best practices that you can use at home and at work. We encourage you to follow us by subscribing to our Information Security Newsletter, on Twitter @InfoSec_WIT, and visiting us on the web at http://www.wit.edu/dts/security.

For Wentworth faculty and staff, we are proud to announce the launch of our Information Security and Compliance Training program. For more information on this new service, visit us on the web at http://www.wit.edu/dts/security/training-awareness/training/index.html, where you can sign in through the link provided with your Wentworth credentials (username and password used for LConnect and email).

For more information on NCSAM, visit http://www.staysafeonline.org/ncsam.

Join us this month and be a Wentworth Cybersecurity Champion!

NCSAM-Champion Icon

What is “Shellshock”?

Shellshock is the name given to a collection of vulnerabilities present in a widely distributed component of Unix-based operating systems, called Bash. The vulnerable component is present in all Linux and Mac OS distributions as well as they use the same component to process commands within the operating system. It does not appear to, in general, affect Windows-based systems as they use a different program.

These vulnerabilities allow someone to inject commands on the specified platforms. This can be exploited in a variety of ways and can led to fairly significant compromises to the confidentiality, integrity, and even availability of data.

Who is affected?

As stated, these vulnerabilities are present on systems that use a Mac OS X, Linux and Unix system platform. For the small segment of Wentworth systems that had the vulnerable component, these vulnerable components were not necessarily exposed to the public in an exploitable fashion. To be safe and sure we mitigated the risks further, we have done the following:

  1. Updated our firewall threat detection capabilities. Before patches were available for the individual systems, we were able to successfully detect and block attempts made to exploit these vulnerabilities on our internet-facing systems.
  2. Applied all available patches and updates to the affected systems to fix the vulnerable component.

We will continue to apply any additional patches and updates as new vulnerabilities are reported.

What do I need to do?

If you use a Mac, there is a potential that your operating system may be vulnerable. To fix this vulnerability, we advise that you visit the Apple Support page, located at http://support.apple.com/downloads/. Download and install the OS X bash Update that matches your operating system (OS X Mavericks for 10.9, OS X Mountain Lion for 10.8, and OS X Lion for 10.7).

 

 

 

This year marks the 11th anniversary of National Cyber Security Awareness Month (NCSAM). NCSAM is observed throughout the month of October to increase the awareness of cyber security threats and techniques to safeguard against them.

As a NCSAM Champion, Wentworth will be providing frequent tips and articles throughout October on how you can better protect your data and computing devices from security threats such as malware, phishing emails, and identity theft. Throughout October, the Information Security Office we will share an article that is relevant to you. Topics will range from recognizing a “phishing” email to best practices for protecting your privacy on social networking sites. In addition, we will be launching the Information Security & Compliance Training Program available to all staff and faculty. Finally, we would like to take this show on the road with presentations on cyber security threats, data privacy, and information security best practices. If you would like to have Wentworth’s Information Security Officer come to your department or group, please email infosecurity@wit.edu to schedule a presentation.

Follow us on Twitter @InfoSec_WIT for more on NCSAM, security news, and resources for improving your information security practices.

ncsam

Fall Projects – 2014

John Knights —  September 5, 2014 — Leave a comment

The Information Security Office (ISO) will be working with others within Technology Services and across Wentworth to continue our efforts to improve the information security posture. Below are a couple of initiatives and projects we will be working on this Fall.

National Cyber Security Awareness Month

October is the 11th Annual NCSAM. As a NCSAM Champion, we will be providing cyber security awareness materials throughout the month to our entire community via Twitter, the Information Security Blog, and ISO website.

In conjunction with NCSAM, we will be launching the Information Security & Compliance Training Program for staff and faculty.

Identity & Access Management

This fall, we will launch a multi-year project to improve the overall approach to identity and access management. The IAM project will both increase the protection of institutional data and information systems and improve the overall end-user experience when logging into the various systems and services available to the Wentworth community.

For more information on these and other initiatives, make sure to visit our ISO website.

Summer Projects – 2014

John Knights —  September 5, 2014 — Leave a comment

Along with the rest of Technology Services, the Information Security Office (ISO) has been busy working on projects to improve the overall information security posture at Wentworth. As we start the new academic year, we want to share some of what we have been working on.

Data Management

Over the course of the summer, members of the Information Security Compliance Committee (ISCC) have worked to put together a set of policy documents to set the requirements for improving data governance and security. Once approved these policies we will send out a notice as well as publish them on the Technology Services Policy Page.

In addition to the policies, the ISO has worked with other members from Technology Services to provide all staff and faculty with a data loss prevention tool, Identity Finder. This tool is available to all staff and faculty for use on their institutional Windows or Mac-based desktops and laptops. For more information, please visit our Data Loss Prevention “Top Topics” page or go straight to the Identity Finder Tool page for instructions on obtaining, installing and using Identity Finder.

Information Security Awareness & Compliance Training Program

In an effort to improve awareness of information security and regulatory compliance requirements, we have worked with the ISCC and our training video service provider WeComply to provide our staff and faculty with a set of comprehensive educational videos on various topics (Information Security, Data Privacy, FERPA, and others). Visit the ISO’s Training page for more information on the program launching this October.

 

Over the last few months, a frequently referenced site caught the attention of many security professionals as it provides an interesting visualization of the cyber attacks that traverse the globe every second of every day. The site is a map put together by Nosre Corp.

Norse Corp provides cyber security appliances and services that aim help organizations block attacks. One interesting use of all the intelligence they collect from their devices is the Norse live attack map, which they state is “a visualization of a tiny portion (<1%) of the data” they process every day. Take a look at the Norse Live Threat Map.

Norse's Live Threat Map - 10:40a on 9-5-14

WARNING: The Live Threat Map is an interesting application and can quite entrancing!

New studies have found that 1/3 of all phishing attempts last year went after bank accounts or other financial information directly.  From 2012 this is an increase of 8.5% in financial attacks, an all-time high for phishing.  Most of these financial scams pose as a popular organization, and even worse, about half of them use either PayPal, MasterCard, Visa, or American Express’s name to seem legitimate.  Phishing attacks damage these brands reputations and make it harder for the average internet user to distinguish between real emails and scams.  Amazon is also used as a cover in most phishing attacks to fool the receiver, with Apple and E-Bay also being used.

In addition to these, recent phishing attempts have tried to exploit conference attendees by posing as hotels or travel agencies representing the conference organizers. Follow the links and instructions provided on the conference websites for searching hotels and making reservations.

Never trust unsolicited emails or calls for sensitive information. Always be skeptical and cautious when being asked to reply to emails or follow to linked forms that request sensitive information (financial account numbers, credit card numbers, usernames and passwords) because it may be a phishing attempt.  Review our phishing page to help identify malicious communications and forward suspicious emails to abuse@wit.edu before opening any links or giving any information.  It is also important to remember that phishing is not restricted to email, at least a third of phishing attacks last year were deployed via Facebook.  Be aware at all times online especially when handling sensitive information.

Anti-virus software has changed a lot over the past decade, moving from virus scans triggered by a user to comprehensive malware detection in real time.  While an often lengthy scan was once your only option to detect threats, protection is becoming more automated, now happening as soon as you encounter malware or other malicious programs.  The next step in protecting our computers is a breach detection system (or BDS) that can detect any breach in a network of computers and then contain or remediate all the damage within 48 hours.

Current anti-virus software uses signature-based detection to match a current list of threats to the findings of a search or a software that is currently affecting the computer.  Users must keep their anti-virus software updated consistently to combat the latest threats on the internet.  Another big problem right now with anti-virus software is how predictable it is.  The signature based system allows hackers to test their virus on a system with existing software available to the public before a large scale attack.  With a proper breach detection system, any attack will be discovered because detection is not just based on pre-determined signatures, but on reacting to signs of an attack through network traffic analysis and server data.  Ideally, a BDS will stop a threat coming from inside the network, from the cloud, or even on an employee’s mobile phone.  It will then remediate the damage by quarantine, session termination, and other restrictions.

Breach detection systems help keep entire networks secure and more connected.  The Wentworth Technology Services Information Security Office is always looking for better ways to protect the institute and it’s members, broadening our scope protection services will help us with this mission. We employ next generation firewalls to perform these more advanced techniques for malware detection. In addition, there are active and proposed projects for expanding our tools and techniques to improve the security and privacy of your institutional data, feel free to periodically check in on our projects page for more information and status checks on our projects.

As the semester comes to a close , it is important to remember some of the tips we’ve shared over the semester.  Among them are the information security and privacy techniques vital for protecting your sensitive information online.  From choosing the correct Wi-Fi network to staying alert for phishing emails while off-campus, here are the things you need to keep in mind to have a fun and safe summer.

  • Avoid unsecured Wi-Fi and use secured Wi-Fi networks or connect with an Ethernet cable
    • Especially when checking financial or sensitive information on your laptop.
    • An unsecured Wi-Fi network could be a fake proxy or a real network simply compromised by a hacker, who is watching everyone’s activity.
    • Turn sharing settings off if you have to use an unsecured connection
  • Review the signs of a phishing email here
    • Not addressed to you; vague wording
    • Misspelled words or illogical statements
    • Requesting information randomly or urgently
    • Suspicious URL links
  • Stay safe on social networks
    • Restrict your privacy settings so only your friends can see your information
    • Be cautious if your information is requested in any way
    • Know where your information is going to and who can see it
  • Change your password now and stay one step ahead
    • Passwords have to be changed every 180 days
    • Make the fall transition easier by changing your password now
    • Check requirements and change password here
  • Use a virtual private network to work from home and stay secured
    • For Wentworth employees that require VPN access to the campus network when working remotely, please email our Information Security Office to find out more.

The next time you post something on Facebook that anyone can see, you will be greeted by a small blue blast from the past.  A tiny blue dinosaur (article and example from Sophos) now reminds users without privacy settings enabled to read and understand them better before they share information online.  The dino addresses the user by name and hopefully will encourage more people to be safer online.  This is a much needed step towards privacy and transparency for the social network giant.

The cartoon popup is just a test program but is already receiving great feedback and hopefully it will spur more companies to follow suit by making their user’s privacy a bigger priority.  The exact message you will receive is: “You haven’t changed who can see your posts lately, so we just wanted to make sure you’re sharing this post with the right audience. (Your current setting is Public, though you can change this whenever you post.)”. It then gives you different options to limit who can see your post.