SEMO IT Security Officer Discusses Protecting Technology From Hacking, Malware Amidst Current Events
As tragedies escalate in Europe, many have voiced concerns about a rise in cybersecurity attacks. On Feb. 25, 2022, Information Technology (IT) sent an email to the Southeast community regarding cybersecurity vigilance. According to the email, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are aware of these issues and are urging the public to be cautious of ransomware, keylogging, and device-takeover attacks.
Types of cyberattacks
SEMO information technology security officer Bill Green said there are three types of attacks currently aimed by hackers towards the United States and Europe.
Green said ransomware is a type of software that encrypts an individual’s data and leaks it. After encryption, the hacker will ask for ransom money in exchange for the decryption key.
He said another attack is keylogging. Keylogging is malware that could be installed or downloaded onto someone’s device. With this, the hacker can record every button pressed, recording the usernames and passwords to any account.
Green said device-takeover attacks occur if an individual’s usernames and passwords are leaked to the dark web. Hackers can then hijack accounts and commit fraud, steal credentials and take over the account.
Green said the best way to protect personal information is to have a multi-factor authenticator (MFA) set up on all accounts.
“If someone gets your username and password, that's not ideal. But if you have two-factor or multi-factor authentication set up on your account, they likely can't get that additional factor needed to get into the account,” Green said.
Green said students who use text messaging as MFA instead of Microsoft authenticator are not safe from hacking.
“I know a lot of the students on campus use the text message for their multifactor instead of using the Microsoft authenticator. The problem with [text message] is that it isn't particularly secure, either. I really would encourage folks to use Microsoft authenticator or Google authenticator. Not just for someone on campus, but if they have an email account, banking or whatever the case may be. Definitely use that additional factor, because it's getting harder and harder even for the antivirus manufacturers to catch some of this malware,” Green said.
Virtual private networks
A virtual private network (VPN) helps to encrypt and secure data. Internet service providers (ISP) or hackers cannot see internet traffic going back and forth, but the VPN does not protect a device from hacking or malware.
Clicking a link without ensuring the link is safe could install malware on a PC, laptop or phone. Many hackers and criminals use VPNs knowing their data will not be tracked or logged.
Links containing malware
Green said the easiest way for cyberattacks to occur is by clicking links sent through email or text messages.
“Someone might send you a link on [Microsoft] Teams or send you a link on email, and you go, ‘I know you know this person, I'll click on the link.’ Unfortunately, either they got hacked and sent you a bad link, or they didn't research the websites they're sending you to. It's sad to say, it could be simply as straightforward as visiting a website. If you go to the site, it looks like a regular site. Maybe it's sports scores or something like that. But in the background, it's installing software on your laptop or your phone,” Green said.
To ensure a link is safe, Green said to “do your due diligence” and check back with the sender to make sure they sent the link and weren’t hacked.
“If your professor sends you an attachment [via email] but didn't send it to Canvas, say anything about sending this off to the class, reach out to them and confirm, ‘Hey, did you send this PDF to [me]? Is this [the] web link that you wanted me to go to?’ And just confirm with them that they actually did send it,” Green said.
Green said secure systems or sites are also in danger of data breaches. He mentioned the 2013 Target security breach. Anyone who swiped their card at Target had their information stolen. The point of sale (POS) system was seen as secure, but hackers gained customers’ full names, phone numbers, email addresses, credit card numbers and verifications.
Social media misinformation
Instagram, Facebook, Twitter and Reddit use infographics, threads or memes to post information on current events. Green said to take the provided information lightly and verify with other sources to ensure the information is correct.
“People are getting pelted with information all the time. It's pretty easy to see a meme or a post on Facebook and [assume] that's what must have happened. All I could say is just take everything with a grain of salt,” Green said. “I've noticed, especially in the last week or so, with the events that are going on as everything I read, even in terms of just cybersecurity, I just take it with a grain of salt. I want to see one or two other sources say [the same information]. There are a number of websites I try to check every morning and in the afternoon. If I start seeing the same information from the three top sites that I trust, then I go, ‘OK, that's probably what actually is going on.’”
Fake donation links
The Feb. 23 email stated to use caution when clicking links for donations to Ukrainian refugees. Green said to use established organizations such as the United Nations Children’s Fund (UNICEF), United Nations, Red Cross, and Red Crescent for donations, as many cyberattacks happen from clicking faulty links.
“For instance, the tornadoes down in Kentucky, I'm not going to have someone send me an email with a link saying, ‘Hey, here's a GoFundMe page.’ I'm just not going to do it. I'll just go right to the Red Cross and give them the $20 because I know I can trust that site. So, for a lot of listings, if there's an organization you've worked with before, donated to before and you trust, stick with those [organizations],” Green said. “When you're looking at a major catastrophe or natural disaster, I would just go to the big sites. You can even go to the United Nations’ website or whitehouse.gov. They'll have links that will take you to various organizations who are collecting money for relief.”
Green said to remain skeptical of links received through email or text, as many could contain malware.
To stay updated on cybersecurity and current security events, visit the CISA website.
The Southeast Arrow is a contributing partner with KRCU Public Radio.