October 14, 2021
October is National Cybersecurity Awareness Month
October is National Cybersecurity Awareness Month and the Office of Information Technology (OIT) is reminding faculty, staff and students that they hold many of the essential keys to lock criminals out of individual and SIU systems and accounts.
In the first of a two-part installment, the OIT is sharing what is at risk. A second article will explain what people can do to enhance their cybersecurity efforts and prevent criminal activity. Later in October, the OIT will also offer a cybersecurity challenge designed to elevate awareness and keep the campus cyber-safe.
The OIT wants to remind the campus community that everyone plays a role in maintaining cybersecurity. Sensitive information and device access is extremely valuable, and cybercriminals are smart! Almost every electronic device you use, whether University-owned or personal, is vulnerable to cyberattack. Computers, tablets, phones, gaming devices and smart electronics like printers, smart TVs, and even thermostats can be exploited by cybercriminals. A single mistake can cost you, others, and/or the University much more than time or money; a single breach can destroy the trust earned over decades.
What is at risk?
The OIT typically focuses efforts on cybersecurity awareness and prevention: how to spot suspicious activity and what to do. It is also important that everyone knows what can happen from a single mistake.
If someone unintentionally provides “sensitive information” such as a username and password, a Social Security number, account numbers, or the sensitive data belonging to other people, the door opens for cybercriminals. Similarly, if just one individual clicks on a malicious link or opens an infected attachment cybercriminals may then have access to any data on the machine, use of the machine for additional criminal activity, and/or control over the device’s audio and video capabilities for spying or voyeuristic activity.
Once a skilled cyber-criminal has sensitive data or access to a device, they can:
- Lock down the device or encrypt data and hold it hostage for ransom (known as Ransomware).
- Open and use accounts in an individual’s or institution’s name.
- Access current accounts to steal data, information, or money.
- Connect to thousands of other computers to create illicit networks.
- Spy and record audio and/or video in the area where a device is located.
- Track every keystroke or website visited.
- Store and sell illegal information, photographs, music, software and video.
- Send countless scam, spam and phishing emails to other people.
- Use individual or institutional identities for illegal gain.
- Destroy reputations intentionally or through the fallout associated with a cyberattack.
These risks may seem distant, but they are very close and very real. Any device that connects to a network or extracts information from a portable media source – a thumb drive, portable hard-drive, or CD – is vulnerable.
Here is a helpful, graphic summary of cyber risks. For additional information or for help with a cybersecurity issue, contact SIU’s cybersecurity team at security@siu.edu or visit the SIU Information Security website at https://oit.siu.edu/infosecurity/.