Cyber actors are taking advantage of the world becoming increasingly reliant on the internet and virtual communications to stay connected and collaborate during COVID-19 pandemic.
The number of phishing websites increased by 350 percent from January to March, according to a report by Atlas VPN, a company providing resources to make internet connection more secure. The FBI also warned Americans that scammers are leveraging COVID-19 to steal money and personal information.
Duke has robust protections in place for its email system, but email impersonation attempts, which come from email addresses that may look like one belonging to the person being impersonated, tough to stop. Using Proofpoint, a service in use at Duke for protecting accounts against malicious email links and attachments, Duke blocks the vast majority of emails containing spam, phishing attempts and malware. In March, about 63.5 million emails bound for Duke users were blocked by Proofpoint, five million more than Proofpoint blocked in March of 2019.
“What we’re experiencing is an environment that hackers love,” said Cara Bonnett, senior analyst for Duke’s Information Technology Security Office. “There is a feeling of urgency and unease. That’s when people are not always thoughtful about the decisions they make when online.”
Fortunately, the Duke IT Security Office is here to help with recommendations and tools employees can use to protect themselves against cyberattacks.
Prevent Zoom Vandalism
With nearly 75 people expected for the Nicholas School of the Environment’s joint Board of Visitors and Alumni Council meeting that will take place on Zoom at the end of April, Ann Thurston wants to do everything she can to keep the gathering private to participants.
She tuned into the Office of Information Technology’s “Security & Privacy in Your Classes & Meetings” webinar last week to pick up a few tips.
“I’m thinking in my head about what would happen if someone hacked into our meeting,” said Thurston, director of advancement services for the Nicholas School.
During the webinar, experts with OIT and Duke’s IT Security Office shared proactive steps to prevent strangers from interrupting your Zoom meeting.
Now, the default setting on the platform only lets the host share the screen. The IT Security Office has updated Zoom to identify guests not on an account under Duke’s enterprise account by highlighting their name in orange.
Duke users can also enable the "Mute participants upon entry" option when creating a meeting, disable private chats between individuals or public conversations and require a meeting password to prevent unwanted guests.
See the full list of security and privacy recommendations here.
Set Up One Password
Thurston, the director of advancement services for the Nicholas School, only needs to remember one password for her nearly 50 different social media, banking and streaming accounts.
The password is for her account in LastPass Enterprise, a password manager software tool that is offered at no charge to Duke community members.
LastPass allows you to centrally manage your passwords by saving them to an easy-to-use vault. Once installed in a browser, LastPass helps you log into sites by prompting you to save logins and later fills them in for you. When you sign up for new online accounts, LastPass will help generate long, strong passwords for you.
“LastPass does all of the managing and remembering for you,” Thurston said. “It’s worth using for maintaining strong passwords.”
Setting up strong passwords should extend to your home wireless network. All wireless devices come with a default password that identity thieves can easily find online.
Bonnett, the senior analyst for Duke’s Information Technology Security Office, recommended changing the default administrator password of your wireless router. The administrator account is what allows you to configure the settings for your wireless network. Directions to change your administrator account differ based on your router.
“Changing the administrator password and the wireless password makes it much more difficult for hackers to get in,” Bonnett said.
Share Sensitive Content on Duke Box
With many of Rabih Younes students at home in China and on the West Coast of the United States, he uses Box to share video recordings of his lectures to students who are in different time zones and unable to tune in live.
Box allows Duke employees and students to access, store and share content securely, which is comforting in a classroom setting where questions are asked and knowledge shared.
“I want my students to feel comfortable,” said Younes, assistant professor of the practice in the Department of Electrical and Computer Engineering.
Bonnett recommended using Box for anything with private information that needs to be shared. There’s no way to trace what happens to a document when you attach it to an email. Box lets you set expiration dates and determine who can view and download files.
“You might as well assume the whole world can view a document when you attach it to email,” Bonnett said. “Box gives you control.”
Update Your Computer Weekly
The end of the week is known as “Restart Friday” in the Nicholas School.
The school’s IT office branded the day to remind everyone to restart their computers. The name stuck with Ann Thurston, who shuts down and restarts her computer at the end of each week.
“It’s the easiest way to make sure your device is safe,” Thurston said.
Restarting or shutting your computer down allows OIT to push software updates to your device behind the scenes. Without updates, cyber actors can use security vulnerabilities to hack into it.
Contact your office’s IT support team to ensure you are receiving the latest updates. If you are using a personal computer, follow this guidance to check your settings.
Beware of Email with Attachments
Caution is key when working on the web.
Cyber-attacks can happen regardless of your technology if you are not mindful.
Beware of email messages with requests or attachments that create a sense of urgency or try to intimidate you through fear. If you recognize the sender’s name, but the request seems odd or raises concern, call that colleague or report the suspicious email through “Report Phish to Duke” with one click of a button.
Duke recently partnered with CrowdStrike to pilot an anti-virus solution for protection against malware, ransomware and other threats. Falcon Prevent is available to faculty, staff and students at no charge on personal Windows computers.
“When we’re all receiving so many emails and messages, it can be easy to trick someone into divulging their personal information,” Bonnett said. “Take a breath and think before engaging with the message.”
We ask for your help to share the proactive and extensive work being done by all Duke community members during the COVID-19 outbreak. Please share ideas, shout-outs and photographs with us here or write us at firstname.lastname@example.org.