Students

Check out our recent article about Cyber Threat Actor Group “Vice Society” Targeting UCLA and Education Sector.

Avoid Ransomware Attacks

lsouthwi@ucla.edu — Thu, 28 Sep 2017 15:57:01 +0000

Avoid Ransomware Attacks lsouthwi@ucla.edu September 28, 2017

Overview

Ransomware a form of software specifically designed to disrupt, damage, or gain unauthorized access to a computer system. This malicious software then encrypts users’ files or locks their operating systems, rendering them unusable until a ransom is paid. Cyber criminals then demand large sums of money in exchange for decryption and restored access.

Insights

Ransomware Insights

Public schools and universities are becoming prime targets of large-scale ransomware attacks.

Over 1500 schools, colleges, and universities were impacted in 2020 with California schools and universities being impacted more severely than any other state.

UC San Francisco was forced to pay $1.14 million to a cyber-criminal gang in June 2020.

According to Palo Alto Networks, the average ransom demand rose 144% in 2021 to $2.2 million, while the number of victims whose data was leaked grew by 85% in 2021, both new record highs.

Security Tactics

Update software and operating systems with the latest patches. Outdated applications and operating systems are the targets of most attacks.
Never click on links or attachments in unsolicited emails.
Back up data regularly. Use cloud storage where possible to manage offline backups.
Follow safe practices when using devices that connect to the Internet.
Delete suspicious e-mails. Deals that sound too good to be true are probably malicious.
Use e-mail filtering options whenever possible. E-mail or spam filtering can stop a malicious message from reaching your inbox.

Resources

Knowledge Article

Tags

Are You Practicing Safe Social Networking?

lsouthwi@ucla.edu — Tue, 05 Sep 2017 16:06:24 +0000

Are You Practicing Safe Social Networking? lsouthwi@ucla.edu September 05, 2017

Have you ever wondered who, besides your friends and family, might be seeing that strange selfie you posted on Facebook? Or who knows about your upcoming vacation to London? As much as social media sites try to keep your online information secure, there are no guarantees that your posts are completely private. In fact, people like the following might be trying very hard to find your personal info:

Identity thieves. Social media offers a great return on investment for cybercriminals. Phone numbers, addresses, names, and other personal information can be harvested easily and used for identity theft.

Online predators. Are your friends interested in seeing your class schedule or calendar? Criminals could be, too. Knowing your whereabouts makes it easy for someone to victimize you, whether it’s breaking in while you’re gone or attacking you while you’re out.
Employers. Many employers use social networking sites and search engines to investigate applicants and current employees. Think twice before you upload a compromising picture, engage in a fiery political discussion, or post a controversial status update.

How to Stay Safe

Don’t post private information online. Don’t post your birthdate, address, phone numbers, or other personal data. And ask your friends to remove sensitive information about you from their posts. Never assume that anything posted is private.
Use privacy settings and review them regularly. Many sites provide settings that let you restrict public access to your profile. These settings often change over time, so make sure you keep an eye on them.
Be wary of others. Most social networking sites do not have a rigorous process to verify the identity of their users. Always be cautious when accepting a friend request—it might not be from the person you think.
Google yourself. Find out what other people can access by doing a search on yourself. Also, set up an automatic search alert to notify you when your name appears online. (You might want to set alerts for your nicknames, phone numbers, and addresses as well.)
Understand hashtags. Hashtags (#) are a popular way to provide commentary or tag specific pictures. But in many cases, when you apply a hashtag to a post that is otherwise private, anyone who searches for that hashtag can see it.

Remember, what you post online can stay on the internet for a very long time. Practice safe social media networking.

For more tips on social media safety, see our Social Media Security Guide, and Spring Clean Your Social Media Accounts.

Tags

Protect Your Online Identity

lsouthwi@ucla.edu — Tue, 01 Aug 2017 16:10:39 +0000

Protect Your Online Identity lsouthwi@ucla.edu August 01, 2017

More of us are using social media to stay connected both personally and professionally. In fact, according to the Pew Research Center, 69% of internet users in the United States participate in some form of social media—most commonly, Facebook, followed by Instagram—and these users can include current and future employers and recruiters (for college, sports, and jobs) who often use social media to assess employees and candidates. The type of information shared on social media can also provide fodder for phishing attacks and even identity theft.

The internet is forever. Be careful what you’re posting and sharing, and with whom and what you are associating. To someone who doesn’t know you, your social media persona becomes a direct projection of who you might be and can create your online reputation.

Please keep this advice in mind when sharing online:

Understand the default privacy settings on the social networking sites you use and how to change them to match your comfort level.
Limit or disable the location settings on photos and videos you post to social networking sites.
Don’t post photos or videos of inappropriate or illegal activities.
Avoid joining online groups where you don’t know all the members or what causes they support.
Find out who can access the information you are posting online, who controls and owns the information, and what is shared with a third party.
Keep your personal information private. Question whether it’s necessary—it usually isn’t—to share sensitive information such as your birthday, mailing address, phone number, e-mail, mother’s maiden name, sexual orientation, or Social Security number. Consider making up alternate answers to those questions that only you would know.
Don’t “check in” to every place you visit. That information could be used to identify you in a vulnerable location.

For more tips on social media safety, see our Social Media Security Guide, and Spring Clean Your Social Media Accounts.

The IT Security Office is always here to answer your questions. Keep watching our website, and connect with us on Twitter.

Tags

Think You've Been Hacked? Here's How to Shake It Off.

lsouthwi@ucla.edu — Mon, 03 Jul 2017 16:13:48 +0000

Think You've Been Hacked? Here's How to Shake It Off. lsouthwi@ucla.edu July 03, 2017

We’ve posted several articles this year about data privacy, how to protect your accounts with pass phrases and password managers, and how to remove your private information from data broker sites, but what can you do if, despite your best efforts, your account is hacked? And how would you know if it’s been hacked?

Look for signs that your account might have been compromised:

Your friends tell you they’ve received a spam email from your account.
Unfamiliar browser toolbars, homepages, or plugins appear.
Your online passwords aren’t working.
You see fake antivirus messages from software you didn’t install.
Other programs you did not install are running or requesting elevated privileges.
New accounts appear on your devices.
Your bank sends you a message about insufficient funds and unauthorized charges.
Collection companies are calling you.
Your smartphone shows higher battery and data usage than normal, and strange charges appear on your bill.
You receive an official notification about a cybersecurity breach at a place where you’ve done business.

Unfortunately, odds are that at least one of your accounts has been hacked in the last few years. You can check using the website, Have I Been Pwned. If so, how do you remedy the problem?

Ways to “Shake off” an Attack:

If you believe your work computer or UCLA account has been compromised, contact your local IT department as soon as possible.
Change your passwords using a clean device. If you use the same password for multiple accounts, it’s best to change them all, using these guidelines.
Back up important files.
Update your mobile software and apps.
Update your antivirus software and run a complete scan.
Update your browser software and plugins.
If your computer is still not working normally, consider doing a complete reformat to ensure all affected software is fixed.
Don’t let an account hack turn into identity theft. Monitor your credit and report the issue to credit agencies if you believe your personally identifiable information has been stolen.

Finally, stay informed. The IT Security Office posts information about the latest phishing scams on its website and Twitter feed.

Tags

Step Up to Stronger Passwords

lsouthwi@ucla.edu — Thu, 01 Jun 2017 16:19:42 +0000

Step Up to Stronger Passwords lsouthwi@ucla.edu June 01, 2017

Security experts have said that if you can remember your password, it’s not strong enough. As hackers become more sophisticated, passwords become less effective. Many organizations—including UCLA—now offer multi-factor authentication (MFA), which relies on additional credentials besides your password. But what do you do if a site does not offer MFA, and a password is the only safeguard between your personal information and the criminal underworld?

Make your passwords as long as possible. The longer it is, the harder to crack. It should be at least 14 characters or longer. One technique is to create a passphrase instead of a password: string two or three non-related words together. These should be words that you cannot find in the dictionary. Be sure to add numbers, symbols, and upper- and lowercase letters to your password.

Use a different password for every account. It might be inconvenient, but if one of your accounts is compromised, your others will still be safe.

Consider using a password manager. This software can generate incredibly complex and impossible-to-remember passwords for all of your accounts and store them in a virtual “vault” that usually resides encrypted on your hard drive. If you use a password manager, you need only remember one master password to log into it—but this password must be an excellent one. If someone is able to hack into your password manager account, all of your accounts will be at risk. Look for a password manager that offers MFA.

*Bonus Tip: Give Unpredictable Answers to Security Questions. Try answering security questions in an unexpected way. For example, if you’re asked for the make of your first car, you might answer, “Chocolate.” Hackers who already have your password will be much less likely to guess your answers and gain access to your account.

These tips will help you create a strong password, but the best protection is always to use MFA (also known as two-factor authentication or two-step verification) wherever it’s available. There is no substitute. MFA requires at least one other factor besides your password to gain access to an account, such as using a designated smart phone app to confirm each login attempt, or entering a code texted to your phone. Numerous sites now offer this extra layer of security, including Google, Microsoft, Apple, Facebook, and Evernote. (This website can tell you who else is using it.)

Sign up today for MFA—UCLA’s two-step verification solution—and check your other accounts to see if it’s an option. The extra step is worth the effort.

Tags

Device Theft – What’s Your Personal Back-up Plan?

lsouthwi@ucla.edu — Mon, 03 Apr 2017 16:28:49 +0000

Device Theft – What’s Your Personal Back-up Plan? lsouthwi@ucla.edu April 03, 2017

With the rising use of electronic devices such as laptop computers, tablets, cellular phones, and other personal electronics, they have become a target of choice for thieves all over. Because these devices make it easier to store and access information for personal and professional use, they can also put your data at risk. Theft is a significant threat to users of these devices, especially when using them to access your personal information, bank accounts, or work on-the-go.

The cost of a stolen tablet, laptop, or other small electronic device is not solely its replacement cost, but also the cost of peripherals and accessories, the installed software, and the cost of any information that is compromised from that device.
An even greater cost (if your employer issued your device) is the potential exposure and liability that may result from any compromised confidential corporate and client information.

Do you know what to do if your device is lost or stolen? The tips below provide effective theft-prevention techniques and proactive measures to protect your devices and personal data.

Be Aware.

Be aware of the three most common areas where mobile devices and laptops are stolen: airports, mass transit and automobiles – and always keep your items concealed when in a public place. When traveling, carry your devices in a nondescript carrying case, briefcase, or bag when moving about. Placing these items in a case designed for computers is an immediate alert to thieves that you have these valuable devices.

Don't Leave Your Device Alone, Even for a Minute!

If you're not using it, lock your device in a cabinet or drawer, use a security cable, or take it with you.

Differentiate Your Device.

If your device looks unique, it's less likely that someone will steal your device and say they thought it belonged to them. Sometimes identifying markings make the laptop harder to resell, so they're less likely to be stolen. Use a permanent marking, engraving, or tamper-resistant commercial asset tracking tag.

Secure Your Devices.

Use a passphrase, password, or fingerprint to secure your device from casual intrusion. If you choose to use a password, it is important to be sure to choose different passwords for different programs or devices.

Install Location Tracking Software.

Install and use tracking and recovery software included with most devices (e.g., the "Find My iPhone" feature in iOS) or invest in commercial products like LoJack for Laptops or Prey. Some software includes remote-wipe capabilities. This feature allows you to log on to an online account and delete all of the information on your device. There are subscriber and free versions of this type of software, and each provides a different set of features. Search online to find the best combination of function and cost to meet your needs.

Encrypt and Backup Information.

Determine if your device automatically encrypts your data, and make sure that you regularly back up your information. Keep an external copy of any important files stored on your devices in a safe location. If your device doesn't use encryption by default, enable it or install encryption software.

Write It Down!

Record the manufacturer, model, and serial number of your mobile devices and store the info in a safe place. This information can be useful for filing a police report and verifying your device, if it's found.

File a Report.

If your device is stolen, file a police report immediately.

Notify Providers.

Keep important phone numbers such as your cell phone provider or IT support department handy, so you can quickly report the device as lost or stolen. In some cases, the cell phone provider or your support desk may be able to deactivate, lock, or wipe the device for you remotely.

Device theft and data loss are escalating concerns for all users. According to the FBI, 97 percent of stolen devices are never recovered. As we become increasingly more mobile and rely on multiple mobile devices including laptops, smartphones, and tablets to conduct business, crimes associated with these devices are also on the rise. Criminals are increasingly becoming more innovative and inventive in finding ways to steal valuable information from mobile devices and laptops that don’t have appropriate security. Be aware, be secure, and more importantly, be prepared with your personal backup plan.

Tags

Preventing Identity Theft

lsouthwi@ucla.edu — Mon, 31 Oct 2016 21:29:15 +0000

Preventing Identity Theft lsouthwi@ucla.edu October 31, 2016

Identity theft is a serious crime where a thief steals and subsequently uses critical portions of your personal information, such as your full name, date of birth, or social security number usually to commit financial fraud. An identity thief uses your information to fraudulently apply for credit in your name, file a fraudulent tax return on your behalf, gain access to medical services, or impersonate you on social media. These criminal acts can damage your credit score and potentially deny you access to your own credit resources; and can potentially cost you a significant amount of time and money in legal costs to restore your reputation. You may not know that you are the victim of identity theft until you experience a direct financial consequence (unexpected bills, credit collections, or denied loans) related to the actions that the thief has taken on your behalf by using your stolen information.

On the basis of the summary description of the problem above, the protection of the critical portions of your personal identifying information (PII) is paramount to the prevention of identity theft. Secondly, proactive early detection, or prevention services to alert you or to specifically block certain actions from occurring without your knowledge and/or approval are often a worthwhile investment.

Protecting Your Pii

Tax fraud: The IRS has a type of two-factor authentication via an “IP PIN” available to prevent someone from fraudulently filing a tax return on your behalf. For tax year 2015, the IRS paid out over 5.8 billion dollars in fraudulent refunds to criminals using stolen identity information to file fraudulent tax returns. Information on the IP PIN feature can be found here: https://www.irs.gov/individuals/get-an-identity-protection-pin. Also, you should consider opening an online account at irs.gov and at the Social Security Administration so that a potential identity thief can’t potentially open one on your behalf. If you create an online account, you can then subsequently lock that account out permanently if you wish requiring all further interaction with the IRS to occur via written correspondence and postal mail.

Credit bureaus, monitoring, and alerting services: You can use a credit monitoring and alerting service such as LifeLock, ProtectMyID, etc. These paid services typically file recurring “fraud alerts” or “security alerts” with all four major credit bureaus (Equifax, Experian, Trans Union, and Innovis) on your behalf to prevent the use of your personal information without your direct involvement (via positive contact) and actively monitor (real time) your credit history. You can also do many of these things yourself if you are proactive. You can request a free credit report with all four credit bureaus once per year, plus if you file a “fraud alert” with the bureaus every ninety days you can run an additional report at no charge. Filing an alert causes lenders to more carefully verify your identity whenever your personal information is used to apply for credit. Consumers who can demonstrate that they are victims or are likely to be victims of identity theft due to involvement in a data breach involving PII can apply for a long-term, “extended fraud alert” with all four credit bureaus that lasts up to seven years (a police report and/or other documentation may be required). Check the SSNs associated with your children as well periodically. Identity thieves often use information from minors since that information is not usually readily used or monitored. Parents or guardians may want to consider freezing the credit files of their younger children or dependents to prevent fraudulent use until there is a need to unfreeze them in the future when they will be actively used.

Checking and savings accounts: Most banks offer a real-time monitoring service for checking, savings, ATM/Debit, and credit card accounts that alert you whenever a transaction occurs. This can help you to limit fraudulent use of your account to as few transactions as possible since you are immediately aware that a transaction that you do not recognize has occurred and you can rapidly contact your bank.

Medical identity theft: Guard your Social Security, Medicare, and health insurance plan identification numbers. Only give your number(s) to your physician or other approved health care providers. Review your insurance statement and explanation of benefits forms or Medicare summary notices to make sure that any claims match services that you actually received. Report all questionable charges to your health insurance provider or Medicare promptly. Request and carefully review a copy of your medical records at least bi-annually for inaccuracies and conditions that you don’t actually have that may have shown up in your records due to fraudulent use.

Steps You Can Take

Secure your social security number. Don’t carry your social security card in your wallet or write the number on your checks. Only give out your social security number (SSN) when absolutely necessary to trusted individuals.
Don’t respond to unsolicited requests for personal information (your name, birthdate, social security number, or bank account number) by phone, by mail, or online.
Cover the keypad or keyboard when typing your passwords on computers and at ATMs.
Collect your postal mail promptly. Always ask the post office to put your mail on hold when you are away from home and you cannot promptly retrieve your mail.
Pay attention to your billing cycles. If any bills or financial statements are late, contact the sender. Sometimes a thief will file a change of address on your behalf.
Review your credit receipts. Ask for any carbon copies, incorrect charge slips, or refund slips as well. Promptly compare your receipts monthly with your account statements and look for any unauthorized transactions.
Shred all old receipts, all new credit offers received in the mail, any old account statements, and all expired cards, to prevent “dumpster divers” from getting your personal information.
Store any personal information in a safe place both at home and at work.
Use complex passwords that identity thieves cannot guess easily and multifactor authentication when available so that compromised credentials cannot be easily used to gain access to accounts. Change your passwords regularly and change them immediately if any company that you do business with has a security breach.
Order your credit report at least once a year and review it carefully to be certain that it doesn't include accounts that you have not opened. Check it more frequently if you suspect someone has gained access to your account information.

Tags

Social Media Security Guide

lsouthwi@ucla.edu — Thu, 29 Sep 2016 21:46:43 +0000

Social Media Security Guide lsouthwi@ucla.edu September 29, 2016

Social Media Tips

Don’t input, store, or post personal or sensitive information on social media platforms.
Exercise good judgement! Once you post, that information has been seen by others and in some cases cannot be retracted. Filter what is posted about you and by whom by requiring permission before posts become visible.
Be cautious with information sharing. Maintain your personal privacy settings on social media systems and do not allow any personally identifiable information to become visible to others.
Change passwords regularly, use a complex password and/or use multi-factor authentication when available.

Social Media Risks

Geotagging: What Is It?

Geotagging adds geographical identification data to photos, videos, websites and text messages through location-aware applications. This technology helps people file images and information based on a location from a mobile device or desktop computer.

What Is the Risk?

You should be cautious when enabling the geotagging features on mobile, location-based apps or certain camera devices because this feature could create personal security risks. Be certain to disable geotagging features at sensitive locations or you may inadvertently tell people exactly where you are, where you work, or where you live with GPS accuracy.

Audience: What Is It?

Audience is a general term that describes who is able to view and/or comment on your posts.

What Is the Risk?

Be aware that your audience can change at any time and may be able to view a post containing information about you. You may have only intentionally shared something with your “friends”, but who they share it with could be out of your control. “Friends of friends” is quite often a very large group of people – many of which you may not know or even associate, so choose your audience wisely.

Identity: What Is It?

Identity is a general term to describe information that pertains specifically to one individual.

What Is the Risk?

There are individuals who use social media as a research method seeking identity information, with possible nefarious intentions such as identity theft, fraud, impersonation, or intimidation.

Tags