System Updates and Cyber Security

No doubt: you are aware of the little pop-up windows or notifications on your computer screen. They tell you software updates are available for your computer, laptop, tablet, or other mobile devices. You might be tempted to click on the “Remind me later” button or even click on the “X” and close out the notification, especially if you are in the middle of something important. You aren’t alone! However, it is in your best interest not to put off updating your software. Once you are in a place where you can save your work and let your device perform the updates, go for it. 

Even though their frequency may come across as annoying, software updates are important to your digital safety and cyber security. Perform the update and you can feel confident your device is more secure — at least until the next update becomes available. 

Why are software updates so important? Here are a few reasons to help show why it’s important to regularly update software. 

1. Software updates are multitaskers 

Software updates offer plenty of benefits. It’s all about revisions. Some of these updates may include updating security issues that have been discovered, fixing or removing computer bugs from previous updates and helping with system performance. Updates contribute to your system’s overall health by adding new features and even removing outdated ones. 

2. Updates help correct security flaws 

In our digital world, hackers have taken advantage of previous updates by exploiting security flaws, also known as software vulnerabilities. According to Wikipedia a software vulnerability is a weakness which can be exploited by a threat actor, such as an attacker, to cross privilege boundaries within a computer system. Hackers can take advantage of the weaknesses in past updates by discovering holes in the system’s security. Once a vulnerability has been discovered, a hacker can write a code or program to target the vulnerability.  

The code or program is packaged into malware — short for malicious software, this is what is known as an “exploit” which has the potential to infect a computer. Sometimes these exploits have have been known to mimic compromised messages, rogue websites or even infect media files such as audio and video files.  

What can malware do to a computer system? Malware has been known to steal data saved on a computer system or granting access to system files and even allowing an attacker to encrypt personal files.  

Software and system updates, specifically security updates typically include patches to correct security holes in a system. 

3. Software updates help protect your data 

Chances are you use your device to store personal files and you may take advantage of online shopping and banking. Your personal information, known as a Digital Identity (online shopping, banking and even from email accounts) is valuable to cyber criminals. According to Lifelock a Digital Identity “consists of various pieces of information about you—in digital form—that, when put together, point to you. Such pieces of information are often called “data attributes.” They can be something obvious, such as a username or Social Security number, or something less apparent, such as your online comments or search activities.” 

This information can be used by an attacker to commit crimes in your name, or an attacker may even sell your data on the “dark web”, enabling others to commit crimes. Some forms of malware are known as ransomware. Ransomware is an attack where malware encrypts your data files until you pay the attacker to release them – it is important to note that paying an attacker during a ransomware attack does NOT guarantee the release of your data files.  

Keeping your device up to date helps prevent such attacks from occurring. 

 4. Be a team player 

Keeping your device up to date helps protect your device from outside attacks, but did you know that it also helps defend others as well? Think of it this way, by keeping your device up to date you are helping to stop the spread of harmful software (like a virus or malware) from infecting your friends, family and even coworkers.  

Using trusted software, such as Microsoft Defender helps secure your device and helps protect those you interact with online. 

5. Stay cutting edge 

With all this talk of updates patching security holes, we can’t forget that updates also help improve your system by adding new features, improving older ones – and even removing features that are no longer needed.  

These updates help keep your system running and keep your device on the cutting edge by offering stability to programs that may have been slow to open or even crash from time to time. An update may speed up your system by optimizing performance. 

6. Ultimately, its up to you 

Remember, you always have the choice to ignore the updates – however you may end up missing out on functions that your associates may take advantage of. Not to mention that by doing so, you leave the door open for potential outside attacks.  

By: Mike Lane 

Resource URLs: 
https://us.norton.com/internetsecurity-how-to-the-importance-of-general-software-updates-and-patches.html  

http://spotlight.okstate.edu/dasnrit/category/security/

https://en.wikipedia.org/wiki/Vulnerability_(computing)

https://www.lifelock.com/learn-identity-theft-resources-whats-your-digital-identity.html

https://www.merriam-webster.com/dictionary/ransomware

https://www.microsoft.com/en-us/windows/comprehensive-security

https://support.microsoft.com/en-us/help/875349/how-to-change-your-automatic-updates-settings-by-using-windows-securit

Cybersecurity Awareness: Whaling Attacks

“Phishing” uses fraudulent information in an attempt to obtain sensitive information and typically uses email or instant messaging. The intended recipient is deceived by the scammer through the use of trusted sender names (as the sender) and websites (in the message body). The user is directed to a fake website which asks for personal information as verification to proceed with a transaction. Once entered, the scammer has successfully collected the user’s identity.

“Spear-phishing” is a form of phishing that targets individuals. Spear phishing attacks target a specific victim and messages are modified to specifically address that victim.

“Whaling” attacks are a form of spear-phishing which target specific, high ranking victims within a company. Both spear-phishing and whaling take much more time and effort to execute than phishing attacks because of the need to gather personal details on their targets in an effort to legitimize the message.

An example of a whaling message may be something of the following. Assume that “John Doe” is a trusted high-ranking colleague with whom you, Jane Doe – jane.doe@okstate.edu – regularly communicate via their business address. For our example, John’s business address is normally john.doe@okstate.edu.

****

From: "John Doe" <john.doe123@yahoo.com>
To: "Jane Doe" <jane.doe@okstate.edu>
Subject: 

Are you available?

John Doe
Dean, Agricultural Systems
Oklahoma State University

****

Normally, this message might seem legitimate as we recognize and trust the sender, the signature line seems correct, there is no web link, and the sender simply asks for a response. The first thing – perhaps the only thing – that seems odd is that the return address is not their business email address. If we reply to this message, the scammer will know our email address is valid and we can be sure to receive a follow up message that will include a web link to a site that requests our credentials or we will receive an attachment that is contaminated with malware.

If we suspect the message is a whaling attempt, forward the message to the email address in your Contacts for this person. In our example, we would forward the message to john.doe@okstate.edu. This allows us to bypass a potential scammer and communicate directly with the purported sender.

Sources:

• https://en.wikipedia.org/wiki/Phishing
• https://digitalguardian.com/blog/what-is-spear-phishing-defining-and-differentiating-spear-phishing-and-phishing
• https://digitalguardian.com/blog/what-whaling-attack-defining-and-identifying-whaling-attacks

Trumba – Changing the Time Zone Setting

OSU’s default setting for Trumba events is Pacific Time. Until OSU Communications (who manages OSU’s license) can resolve this default setting for all OSU employees, each user must change this setting. Once changed, it will become the default for all your events.

When completing the event submission form for Trumba, if your time zone setting is “Pacific Time (US & Canada)” update the time zone by following these steps:

(1) Browse to the Trumba events portal at https://eventactions.com/eventactions/okstate-extension-county#/mysubmissions

(2) In the top left corner click on the “O-Key” sign-in link:

(3) After you have logged into the site with your OSU email address and password, click on the menu option in the top right corner then choose “Settings”:

(4) In the “Time Zone” field, choose “Central Time” from the drop down menu:

(5) Save your update!

(6) Click on the menu option and log out. You are done!

Mobile Device Security When Traveling Abroad – Cyber Security Awareness Month 2017

Securing Your Data: Mobile Device Security When Traveling Abroad

If you need a laptop computer, borrow a loaner from your departmental IT support group. Ensure the laptop has the necessary software you plan to use on your trip. When you return, the IT Specialists should clean the computer (wipe the drive and reinstall software). Assume the laptop computer will become infected with malware while traveling; the cleaning process protects other devices from becoming infected once the laptop computer returns to the local network.

• If your departmental IT support group has a loaner mobile device (for example, iPad, Android tablet), you may consider using it rather than your personal device.
• Unless it is absolutely necessary, disable wireless technologies on your laptop computer and cell phone such as Bluetooth and Wi-Fi. Bluetooth headsets are strongly discouraged and should not be taken with you. When these technologies are needed, make sure all local shared folders are password protected. Wireless technologies can be used to gain entry to hosted devices such as laptop computers, mobile devices and cell phones. Once entry has been gained, access to intellectual property, proprietary information, files and passwords becomes available. In addition, keyloggers can be installed which collect all keystrokes and store them into a file that is later downloaded.
• Never let your cellular phone and mobile devices out of sight. When not being used, turn off your cell phone and mobile devices. Minimize the data contained on the device. Some phones can be remotely controlled so that the microphone and camera are enabled which allows remote users to listen to, watch, and record conversations.
• When connecting to the internet via wired or wireless, use OSU’s virtual private network (VPN) software to access the internet. A VPN provides for a secure and encrypted connection to the internet.
• Be aware of all usernames and passwords you use while traveling. Once you return, change these passwords. Consider creating a temporary account on Gmail or Yahoo before you leave that can be used for email communication. Limit use of instant messaging and text messaging.
• When using thumb/USB drives, use a PIN and encryption code to protect the data. If the drive is scanned or lost, the data is more secure when protected with an extra layer of encryption technology.
• Unless calls from your cell phone are encrypted, the foreign government can monitor them even if you use a U.S. cellular company’s service. Be aware of communicating confidential or proprietary information. Some users may consider a pre-paid cellular phone that can be disposed of upon returning to the U.S.
• Do not take unneeded car/house keys and credit cards. Clean out your billfold/purse of any financial information such as bank numbers and logins/passwords.
• The U.S. Government’s “Smart Traveler Enrollment Program” can be helpful in planning your trip and ensuring a safe return: https://step.state.gov/step/.

Preventing Phishing – Cyber Security Awareness Month 2017

With the increase in fraudulent emails to Oklahoma State University employees over the past year, now is as good a time as any to develop best practices for keeping your devices malware free and your information secure. October is National Cyber Security Awareness Month and with the help of the Department of Homeland Security and the National Cyber Security Alliance, DASNR IT is here to shed some light on phishing attacks.

Phishing (pronounced “fishing”) is the attempt to obtain sensitive information such as usernames, passwords, and credit card details often for malicious reason, by disguising as a trustworthy entity in an electronic communication.[1]

A phishing email can look like it comes from a financial institution, your favorite online shopping website, or even Oklahoma State University itself. Many of these emails are asking you to act quickly because, for example, your account has been compromised and a recent online order cannot be fulfilled without payment. Stop and think before deciding to click any links or open any attachments that might have come with these emails.

According to Symantec [2] the vast majority of malicious emails will contain links that will take you to websites containing malware or the message will have attachments infected with malware. If you are unsure if an email request is legitimate, try contacting the company directly using information you already know or info that can be easily obtained online.

Phishing, spam, and other scams aren’t limited to just email. Social networking sites such as Facebook are also prevalent with malware. Online advertisements, Facebook status updates, and tweets can also contain malicious links, so “when in doubt, throw it out.” Most online sites, including social networking and media websites, have ways to report spam and phishing as well.

Oklahoma State University has a way to report fraudulent email. You can forward any email you receive to your okstate.edu account and believe to be malicious to spam@okstate.edu which is monitored by OSU IT Security. When they find malware that is contained in the email links or attachments, they can respond to the email administrators and then initiate filters to, hopefully, prevent anyone else from getting the email as well.

Below are some links with more information to help you remain vigilant against phishing attacks and, as always, contact your support specialist if you need any further information.

• https://www.dhs.gov/publication/ncsam-phishing-awareness-2017-poster
• https://www.dhs.gov/science-and-technology/cyber-tip-become-cyber-savvyprotect-against-phishing-attacks
• https://www.dhs.gov/sites/default/files/publications/Phishing_0.pdf
• https://staysafeonline.org/stay-safe-online/online-safety-basics/spam-and-phishing/

[1] https://en.wikipedia.org/wiki/Phishing

[2] https://www.symantec.com/security-center/threat-report