Nov. 18, 2024
Cybersecurity attacks are getting more sophisticated – what you can do to protect yourself
Picture this: With a few weeks left in the fall term, you’re tucked away on campus, putting the final touches on a term paper that’s worth 40% of your grade and reviewing your study notes for an important final exam. In between, you’ve been taking breaks by streaming TV shows, online shopping, catching up on emails, and looking for a job so you can save up some money over the holidays.
The next day, you get ready to do it all over again, but when you open your laptop, your screen displays a message that makes your blood run cold: “All your files have been encrypted. Send payment within one week to the address below to unlock your files, or everything will be deleted”. All your files—years of coursework, that final paper worth 40%, emails, your tax documents and financial information—have just been locked by ransomware.
What happened?!
It happens more often than you think
Sean Murray, Manager of Cybersecurity Operations at ݮƵ, states that cybersecurity attacks target the ݮƵ community every day. Falling victim to an attack can have severe consequences such as financial loss, loss of important work, reputational damage or critical research being put at risk.
These attacks can take many forms, such as phishing, malware or ransomware, password attacks, intercepting data through unsecured networks/websites, and more. As technology continues to advance, these attacks are becoming more sophisticated and, sometimes, harder to detect.
“It’s very much a numbers game,” Sean says. “These social engineers send thousands of emails and can successfully target a few dozen students. We [also] block malicious and phishing websites on campus networks, which can be anywhere from 30,000 to 60,000 websites.” Just one successful attack can have major consequences beyond the individual. For example, phishing attempts can give attackers access to a legitimate identity they can use to fool others.
Updated D2L Privacy and Cybersecurity Course for students
Starting in November, all ݮƵ students have been auto-enrolled in IT’s refreshed D2L course, where they can access training on how to protect their data and defend themselves from these malicious attempts. This course also establishes a strong base of cybersecurity knowledge that students can bring to their future careers, where digital literacy and decision making are crucial. The modules in this D2L course offer bite-sized, interactive lessons on critical topics such as social engineering, phishing, social media safety, and back-to-school cyber safety. Students who complete the course will also earn a certificate of completion, highlighting their cybersecurity skills.
We want to build a culture of caring, not scaring.
The university’s cybersecurity training is designed to help students see the value in protecting their personal and academic information – not through fear or anxiety, but by fostering a sense of commitment and responsibility. “We want to build a culture of caring, not scaring,” says Mark Sly, Director of IT at ݮƵ. “Our goal is to ensure students feel supported, educated and invested in safeguarding their accounts and data.”
What can you do to protect yourself
- Complete the on D2L (if completed by Nov. 30, you can be entered to win one of $50 EverythingCard digital gift cards!)
- Use a strong password for all your accounts. If you suspect you’ve been phished, you should also reset your password immediately through IT’s Password Management webpage
- If you think you’ve been targeted or affected, submit a ticket to UService as soon as possible
- Learn how to identify common attacks
- Read and follow IT’s
- Check out Canada’s national resource GetCyberSafe.ca for emerging cyber threats and effective strategies for protecting personal data.
Acting fast can make all the difference if students realize they have fallen victim to a phishing attack or scam “Don’t wait for somebody to confirm it for you,” Mark emphasizes. “If things don’t feel right, trust your gut.”