Week 4: Cybersecurity resources & test your knowledge
Thank you for your engagement in Cybersecurity Awareness Month! As we wrap up our final week, we look beyond BU to trusted sources with good cybersecurity information. Here are some of our favorites: • CISA The Cybersecurity Infrastructure and Security Agency hosts a wealth of information including how to report incidents, cybersecurity trainings & how-to guides, as well as breaking CISA alerts. And after a month of cybersecurity awareness, how do you fare in the Danger Zone? Test your knowledge by playing KnowBe4’s “Week 4: October 25th, 2022
• Brian Krebs Journalist Brian Krebs provides the latest cybersecurity news, follow him on Twitter or via his blog KrebsOnSecurity.com.
• The Internet Crime Complaint Center (IC3) Hosted by the FBI, you can file formal complaints for ransomware attacks, scams or online threats. You can also view the latest alerts issued to by the government.
• Bleeping Computer: Tutorials, cyber-news, downloads and forums make this website a wealth of knowledge for staying up to date and active with cybersecurity information.
• WIRED: The security section of this online magazine is a fun and fast read, covering popular security stories as well as helpful articles like “You need an online password manager. Here are the best ones.”Danger Zone” game!
Week 3: What are security incidents?
Welcome to the third week of Cybersecurity Awareness Month! This week we will talk about reporting incidents. Like knowing how to call the police, understanding how to report cybersecurity incidents is critical to ensuring you get the help you need during a cyber event. Security incidents are events that indicate BU systems or data have been attacked or compromised. Security incidents include data breaches, malware infections, phishing messages, and ransomware attacks. We encourage anyone in the Boston University community who is aware of a potential cybersecurity vulnerability or event affecting accounts, data, computers, or networks to report it. Please contact your BU IT support organization or ithelp@bu.edu any time that you think you may have observed a cybersecurity vulnerability or event. Here are some things to look for: • Someone else appears to have access to your accounts or devices, as evidenced by changes to your account, records, files, or email that were not made by you. To report an incident, contact your organization’s IT team or contact the IT Help Center at ithelp@bu.edu or by calling 617-353-HELP (4357). For more information visit: https://www.bu.edu/tech/services/security/cyber-security/sensitive-data/reporting/ To report a phish, forward the email with headers to abuse@bu.edu. RSVP: In partnership with the School of Public Health, BU Information Security is proud to host Kris Grahame, FBI Boston, to present Foreign Influence & Disinformation Campaigns Online, October 24th from 3:30pm-5pm. For more information and to register visit: https://www.bu.edu/tech/support/information-security/cam/events/ Don’t forget: bring your unneeded paper and electronics to our Shred + Recycle Events today Wednesday October 19th at Agganis Lot and Thursday October 20th on the Med Campus at the Talbot Green!Week 3: October 19th, 2022
• You can view personal information you do not think you should be able to see.
• Your computer is behaving as if someone else has control over it, such as the cursor moving, the camera being turned on, or text being typed.
• Someone outside of your known IT support contacts you and seeks your assistance in gaining access to your system or otherwise bypassing security controls.
• You have found a way to circumvent a Boston University cybersecurity system.
Check out this short video on Reporting an incident:
Week 2: What is ransomeware?
Here are tips for and using Duo effectively: If you clicked on a link and provided your password, or approved a Duo prompt you did not initiate: Get ready to SHRED! Bring your unneeded paper and electronics to one of our Shred + Recycle Events on Tuesday October 18th, Wednesday October 19th and Thursday October 20th!Week 2: October 12th, 2022
At BU, we protect our online identities, services and data with Duo. It’s easy to use and adds significant protection. If your password is hacked through phishing, a data breach, guessing or any other compromise – Duo saves the day, preventing unauthorized access to your account.
• Whenever possible, use Duo Push through the mobile app – it is the fastest and most secure option.
• NEVER authorize a prompt or call you did not initiate. Whether it’s through the phone or a push, click on “Deny” if you are not expecting the prompt!
• Never provide another person with a Duo authorization passcode.
• Verify that any site asking for authentication via the web uses a ‘bu.edu’ address, with https://shib.bu.edu/, https://adfs.bu.edu/, and https://weblogin.bu.edu/,being the most common.
• The URL should always start with https://. The “s” is critical – it means “secure”.
• Change your BU password immediately: https://weblogin.bu.edu/accounts/changepw
• Contact the BU IT Help Center: ithelp@bu.edu or 617-353-HELP.
Week 1 October: Using Duo Multifactor authentication effectively
Here are tips for and using Duo effectively: If you clicked on a link and provided your password, or approved a Duo prompt you did not initiate: Get ready to SHRED! Bring your unneeded paper and electronics to one of our Shred + Recycle Events on Tuesday October 18th, Wednesday October 19th and Thursday October 20th!Week 1: October 4th, 2022
At BU, we protect our online identities, services and data with Duo. It’s easy to use and adds significant protection. If your password is hacked through phishing, a data breach, guessing or any other compromise – Duo saves the day, preventing unauthorized access to your account.
• Whenever possible, use Duo Push through the mobile app – it is the fastest and most secure option.
• NEVER authorize a prompt or call you did not initiate. Whether it’s through the phone or a push, click on “Deny” if you are not expecting the prompt!
• Never provide another person with a Duo authorization passcode.
• Verify that any site asking for authentication via the web uses a ‘bu.edu’ address, with https://shib.bu.edu/, https://adfs.bu.edu/, and https://weblogin.bu.edu/,being the most common.
• The URL should always start with https://. The “s” is critical – it means “secure”.
• Change your BU password immediately: https://weblogin.bu.edu/accounts/changepw
• Contact the BU IT Help Center: ithelp@bu.edu or 617-353-HELP.