LAWRENCE — Nearly 7 million digital records are stolen every day, according to IT security firm Gemalto. That’s almost 300,000 per hour, or 83 every second. That means this month, hackers will steal roughly 217 million records. Is your information safe?
Hackers gain access to records through a variety of means, but the most effective method is through social engineering, or direct contact by a hacker with a target. While the possibility of being hacked might seem remote, and you might assume an attempt will be coldly impersonal, the fact is that one in three Americans are affected by an attack each year.
What can you do?
While there are many ways a hacker might gain access to your personal information, there are a few simple ways to ensure you are protected:
- Use complex passwords. A password vault manager can help you keep track of your complex passwords
- Don’t reuse passwords on multiple websites, and don’t share your passwords.
- Use two-factor or multifactor authentication.
- Make sure when surfing the web that you are on a secure site (look for https://, a lock icon or the word “secure” in your browser search bar).
- Use antivirus software, and set it to update automatically.
- Consider encrypting your computer’s hard drive.
- Back up your most important files to a cloud service.
- Avoid clicking on links in suspicious emails or downloading files.
- Don’t post personally identifying information on social media.
This list is by no means comprehensive, but it is a great start. If you’re looking to take a deeper dive into online security, visit staysafeonline.org, the official website of the National Cyber Security Alliance. The Department of Homeland Security also hosts a comprehensive resource at dhs.gov/topic/cybersecurity.
How does KU protect you?
In September 2018, the KU IT Security Office (ITSO) noted approximately 2,733 attacks on KU users. These attacks were composed of malware threats, phishing attempts and scams, which led the group with 1,556 instances. Chief Information Security Officer Julie Fugett notes that phishing and vishing (voicemail scamming) continue to be KU's most serious threats and most recent attacks.
In order to combat these and other attacks, Fugett and the ITSO staff are in the process of rolling out Duo multifactor authentication to the KU community. ITSO staff also are preparing to turn on improved protections for email, which will analyze emailed links and attachments for safety and block anything malicious from both on and off campus.
- Constantly updates its threat intelligence from multiple sources and adds new information to campus firewalls to protect KU computers and data.
- Offers workshops to any department wishing to have more extensive security awareness training.
- Runs a vulnerability management program that helps workstation and server support staff keep KU systems up to date.
- Conducts the quarterly “self-phishing exercise” in an attempt to assess the knowledge of the KU community and to provide a constructive way to educate KU users on effective security strategies.
If you wish to schedule an IT Security workshop, or if you have questions for Fugett, reach out to her directly at firstname.lastname@example.org.
Learn more with us all month long
KU Information Technology is marking National Cybersecurity Awareness Month (#NCSAM) with news updates and social media postings related to security for both you and the KU community. Be sure to check technology.ku.edu/news for posts, and be sure to follow our social media accounts: