IT Security Office

National Cyber Security Awareness month is here!

Monday, October 1, 2012 - 10:02

National Cyber Security Awareness month is here!

As National Cyber Security Awareness month rolls around again, the University IT Security Office is coordinating several events on campus and continuing our annual contest, where you could win an iPad or a Nexus tablet. First, take our IT security quiz. You will also have to complete two other tasks to be entered to win. We’ll include those in future blog posts.

This year we will sponsor a panel discussion of data security topics for international travelers – do you know how to ensure that your personal data and the Duke data you have access to are protected when you’re abroad?

We’re also sponsoring a lunch and learn session on mobile applications and one about password management, and several computer health checks on campus. For details, see the Duke events calendar (http://calendar.duke.edu/events/) or the ITSO events page (https://security.duke.edu/it-security-events).

On the topic of computer health, too often we don't think about our systems’ health until it is too late and we have malware on our computer, we lose our important data, or our computer has become part of a botnet. Here are a few preventative maintenance tips and resources to help you protect your personal computer:

1. Patch your operating system.

For Windows 7: Click on the Start Button -> All Programs -> Windows Update
For Apple OS X: Click on the Apple in the top left corner -> Software Update

2. Patch your applications.

For Windows: Go to http://software.informer.com and download and install Software Informer. This will scan your system for missing patches and update them for you.
For Apple OS X: Go to http://mac.informer.com and download and install Mac Informer, which will also scan your system for missing patches.

3. Install an antivirus client on your computer.

Duke offers McAfee antivirus free to all students, faculty, and staff at: http://oit.duke.edu/comp-print/software/.
Other options include:
- Microsoft Security Essentials for Windows: http://www.microsoft.com/en-us/security_essentials/
- Sophos Anti-Virus for Mac Home Edition: http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx

4. Turn on your personal firewall.

For Windows 7: Click on the Start Button -> Control Panel -> Windows Firewall
For Apple OS X: Click on System Preferences -> Security & Privacy -> Firewall

5. Secure your browser

For Google Chrome and Firefox users, install Adblock and Web of Trust (more advanced users might consider installing noscript)
Be careful about clicking on links! The most important component of browser security is YOU.

6. Make sure that your computer is password protected.

For Windows 7: Click on the Start Button -> Control Panel -> User Accounts, and select "change your password"
For Apple OS X: Click on System Preferences -> Users and Groups, and select "change your password"

7. Make a good backup of your system. Windows 7 and Apple OSX have built in back up utilities, and there are a number of low-cost online options.

For Windows 7: Click on the Start Button -> All Programs -> Maintenance -> Backup and Restore
For Apple OS X: Click on System Preferences -> Time Machine
Cloud Options include: CrashPlan (http://www.crashplan.com). and Mozy (http://www.mozy.com)

See http://tiny.cc/Computer-Hygiene-Tips for more great information on protecting your computer.

Avoiding the Phishers

Thursday, September 27, 2012 - 14:36

With the start of a new school year comes an increase in phishing attacks against Duke users. Phishing attacks use “spoofed” emails and fraudulent websites designed to fool recipients into divulging personal data such as credit card numbers, account usernames and passwords and Social Security numbers. Attackers will send messages appearing to come from banks, stores, shipping companies, the Duke help desk, and even friends. One of the latest tactics used by phishing attackers is to send Duke users to a Google Apps site and ask them to enter their NetID and password into a form. Duke would never ask a user to do this.

While Duke’s anti-spam/phishing appliances do catch a large number of messages, some still get through. For example, last month Duke received 116,146,522 email messages. Only 15.3 percent of those messages were classified as legitimate. The remaining 84.7 percent were spam, phishing or malware-containing messages.

Here are two examples of phishing messages that Duke users have received, and how to tell they are fraudulent

Example 1:

This attack happened April 2012. It appeared to come from the Duke OIT Service Desk, but the link didn’t go to a Duke website. You can tell it is fraudulent for three reasons. First, the link went to an external website; second, the grammar used in the message had mistakes; and third, the Service Desk would not send an email to a user with a compromised account. They would contact the user directly or through a department’s IT support staff.

Example 2:

This phishing message appeared to come from President Brodhead, but there are three ways to tell this message was fraudulent as well. First, the link went to a non-Duke address, which turned out to be a Google application form asking for a NetID and password; second, the grammar had mistakes; third, the message appeared to come from news@duke.edu but asked to update your account information.

What can you do?

While Duke’s anti-spam appliances catch a large portion of these messages, and OIT continuously adjusts filters to help limit the spam and fraudulent messages getting through, some messages may continue to show up in your inbox. As such, here are several recommendations for protecting yourself.

Do NOT click on any links in suspicious messages. The links could end up trying to install malware on your computer or convince you to give up your credentials.
Check the sender email address and the “return to” email address. Sometimes the name used will appear normal, but the email address will be a random address created by the attacker to send the message.
Report suspicious email messages to the OIT Service Desk (http://oit.duke.edu/help/).

October is National Cyber Security Awareness Month, and Duke’s IT Security Office is sponsoring a series of events and a contest to remind Duke faculty, staff and students to protect their personal information and data. Check security.duke.edu throughout the month to learn more.

Apple releases iOS 6 - What's on your mobile device?

Wednesday, September 19, 2012 - 20:17

Apple is releasing the new iOS 6 today for iPhone, iPad, and iPod Touch. While iOS 6 has many new features that are sure to be a hit for current Apple consumers, there are also reasons to proceed with caution. Rob VandenBrink posted an excellent article on the SANS Internet Storm Center discussing why you should be concerned about what is on your iPad or iPhone. Do you perform banking operations, update your financial portfolios, or even just check your email, update facebook or twitter on your iPhone? Are you aware of the issues of giving your iPhone or iPad access to your bank account? What happens when you lose your iPhone? Hopefully you are protecting it with a reasonable passcode lock and you have remote wipe feature enabled so that in the event your phone is lost or stolen, you can can remotely wipe your data.

For more details on protecting your mobile device, check out our Mobile Devices security page.

IT Security Office

Pages