University of Delaware

Secure UD

Secure UD News: April 2018

Secure UD is the University of Delaware's comprehensive, community-oriented information security initiative. Raising awareness of cyber issues equips and empowers us to make informed, security-conscious decisions in our personal and work lives.

 

Cybercriminals seek to exploit faculty success

The University of Delaware's faculty are leading researchers and top quality instructors. Our success makes us an attractive target for cybercriminals, who seek to steal research, intellectual property, and more. One of their favorite tactics involves using spear phishing emails to ask about your research; they hope that they can leverage your passion to lure you into engaging with them. Often, they'll ask you to click a link to a fake login page that closely imitates real UD login pages. If you enter your login credentials on this forged website, scammers will begin attempting to log in to UD resources or other services to steal your personal and professional data.

It is not uncommon for phishers to exploit the branding of trusted organizations—including UD—to accomplish their goals. Cybercriminals try to improve their chances of deceiving someone by appropriating logos and imitating the layout of official emails and websites. They hope that their victims will recognize these familiar traits and assume the email or website is trustworthy; faculty at many institutions have been deceived in just this manner. The FBI recently announced charges against nine hackers for stealing over 30 terabytes of academic data—including intellectual property costing U.S. universities $3.4 billion—using this scam.

A few seconds of careful consideration can help protect years of your hard work.

Don't allow cybercriminals to defraud you! Remember, logos don't guarantee that a message or website is legitimate. Be vigilant for the warning signs of phishing scams, and double check web addresses before entering your credentials. If you notice a suspicious email in your inbox, forward it to reportaphish@udel.edu. If you believe your UD credentials may have been stolen, notify your local IT professional and contact secadmin@udel.edu. Our University's IT staff are dedicated to helping you protect your account, your work, and your personal information.

If you haven't already, complete Phase I of 2018 Secure UD Training for more information about phishing and other tactics leveraged by cybercriminals.

Take action! Keep an eye out for phish, and forward any suspicious emails to reportaphish@udel.edu.


 

Consult with IT about security and risk

Our community knows that managing data risk is an essential part of managing a research project or a University unit. Institutional data are often subject to requirements imposed by laws, regulations, or agreements. However, data risk doesn't have to be complicated. In fact, a brief conversation can help you identify effective strategies for managing risks to your data, complying with legal requirements, and staying on track for success.

IT's security and risk experts are available to discuss your data and how best to protect it to help support your continued success. Our tools and engagement approach are designed to quickly and easily assess risk, plan effective next steps, and foster continued dialog.

Give us a call! Research PIs and unit heads can email secadmin@udel.edu to schedule a consultation.


 

2018 Secure UD Training now available

Last month, the University refreshed Secure UD Training for 2018 for employees. Phase I of 2018 Secure UD Training delivers updated content and new features to provide you with a more engaging experience:

  • an updated Learner Dashboard, which displays your available training and important messages
  • updated, interactive training modules
  • a new training curriculum design
  • the ability to "test out" of specific modules by demonstrating your knowledge
  • greater security through the University's two-factor authentication (2FA) service.

Secure UD Training is organized into two phases, each approximately an hour in duration. Its modular design allows you to pause and resume training at your convenience.

Phase I focuses on the ways in which cybercriminals seek to exploit you, our community and our institution. You'll learn more about how hackers target us using phishing and other social engineering scams and how to spot and avoid these attacks. Phase I also includes material on the types of sensitive information we safeguard on behalf of our students, other faculty and staff, and the larger University community.

Phase II of 2018 Secure UD Training will be released in October as part of our National Cybersecurity Awareness Month campaign. Phase II's modules will explore privacy and the security of your personal devices, equipping you with the knowledge and skills to protect yourself and your family while browsing the web, using social media, and more.

Interactive exercises in each phase help you practice and strengthen key skills. You also have access to our extended training library, including optional modules to help you secure your family and home against cybercrime.

To learn more and log in to Secure UD Training, visit the official Secure UD website: https://www1.udel.edu/security/training/.

If you aren't currently enrolled in Secure UD Training and would like to be, send an email to Secure UD at secadmin@udel.edu to get access!

Unit heads may request a report of training completion within their units by sending an email to Secure UD at secadmin@udel.edu.

Take action! Commit to a secure you and a secure UD: complete Phase I of 2018 Secure UD Training today.

About Secure UD Training: Secure UD Training is a security awareness resource for University employees. Training empowers you with the knowledge and skills to protect yourself, your community and the University from cyber risks. The modular, online, self-paced design makes it easy to complete training during lunches or between emails, and the skills it cultivates are applicable throughout your life, whether at home, in the office, or abroad.