Cyber security

A cyber security incident is a single or series of unwanted or unexpected events that have a significant probability of compromising an organisation’s business operations.

Cyber security incidents can impact the confidentiality, integrity or availability of a system and the information that it stores, processes or communicates.

Types of cyber security incidents

The types of cyber security incidents you should report include:

• suspicious system and network activities
• compromise of sensitive information
• unauthorised access or attempts to access a system
• emails with suspicious attachments or links
• denial of service attacks
• suspected tampering of electronic devices.

Contact DTS and report your concerns. Methods of contact include calling the IT Service Desk on (08) 7943 6600, logging a job in LogIT, or in the case of a spam or phishing email attaching the email to another and sending it to report-spam@cdu.edu.au.

Please note: The suspect email needs to be attached so that the headers of the email can be examined. Forwarding it removes the suspect emails' original headers.

Phishing

Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.

Whaling or spear phishing

The scammer targets a business in an attempt to get confidential information for fraudulent purposes. To make their request appear legitimate, they use details and information specific to the business that they have obtained elsewhere.

Play

Play

Download Transcript

For further information

• LinkedIn Learning - Phishing scams (Video 5m 47s)
• Scamwatch phishing 

Phishing and spear phishing emails try to look like legitimate emails.

Below are some indicators that an email is fake.

Spotting a fake email

Should you suspect an email is a phishing or spear-phishing email you should use
the "Phish Alert Report" button in Outlook or send it to report-spam@cdu.edu.au
where it will be accessed, and if found to be such an email, blocked.

How to use the phish alert button

Please refer to the How to use the phish alert button page from KnowBe4.

Be wary of opening an attachment from an unknown source as it can have serious consequences for everyone at CDU.

Points to note are:

• do not run or enable macros on documents you do not know or trust. When opening a document, it will ask you if you want to enable macros, never enable macros on a document you do not totally trust.
• be very cautious around phone contacts asking or pressuring you into opening documents and enabling macros.
• if in doubt please forward emails containing documents with macros to CDU.SecurityAlerts@cdu.edu.au.
• do not open documents from private or personal email addresses containing macros while connected to the CDU network directly or via VPN.

Recognising a macro document

Macros were designed to be helpful and provide document automation, but now they have been subverted and are often malicious.

The icon for Word and Excel documents that have Macros looks like these:

 Word

 Excel

Macros can also come in other file formats, such as PDF, so beware of opening any documents.

If you open the document, it will ask if you want to enable content.
Never click "Enable Content" unless you trust the document.

Further information on Macro viruses can be found here Norton - Macros Viruses and here Caliro - What is a Macro Virus.

CDU uses the industry-leading company KnowBe4 as our cybersecurity training provider.

There are also 14 optional Cyber-Security training courses available via the KnowBe4 library. To access these, login to KnowBe4 Training and click the Library tab to the right of the Training tab to access them.

The courses cover the below subjects, and much more;

• Email threats
• CEO Fraud
• Safe Web Browsing
• Mobile Device Security
• Social Engineering
• Safely working from home
• Common threats

Data protection is ensuring that only people that are authorised have access to your data or CDU's data have access. This is to ensure the confidentiality, integrity and availability of that data.

You can improve the protection of your data by:

• never share your password with anyone regardless of who it is, this includes giving it to IT Support when asked.
• using two-factor authentication where available.
• never use your password to try and log in to suspicious websites.
• use trusted cloud storage solutions, such as OneDrive, instead of storing on thumb drives or external hard drives, which can be lost or stolen.
• add password protection to sensitive files. Programs such as Microsoft Word and Excel have this built-in but need to be applied. Be aware if you do this and forget the password, the document will be lost and not recoverable.
• keep computers up to date with the latest security patches. 
• keep anti-virus software up to date. 

At CDU anti-virus and security patches are done automatically but home computers are your responsibility.

Passwords are the most common method for users to confirm their identities on computer systems or websites. It acts as the first line of defence against unauthorised access.

Password Management is critical to maintaining the effectiveness of this line of defence by practising a good password management policy.  

Further information

Stop|Think|Connect - General Tips & Advice for practicing online safety

If you really want to manage your passwords well, you can get a password manager. This is a program or application that acts as a wallet for your passwords. It requires a master password to open and once opened allows you to access your other passwords. It will even create and store passwords for you, which can be copied and pasted when needed. Make sure if you do this, that the program or application has a good reputation and that you create a strong master password.

If you don't want to get this sophisticated, you need to at least avoid using the same password for everything, because once it has been compromised it can be used on other websites. One way of doing this would be to have a composite password made up of two parts. One that is standard for everything and the second part that is unique to the website. That way, when you log in, you build the password from the rules that only you know.

Further information

LinkedIn Learning - Protecting yourself Online - Passwords (Video 2m 58s) 

Malware is malicious software that is specifically designed to disrupt, damage, or gain authorised access to a computer system.

Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. Normally the files are encrypted and the victim, to regain access, is expected to pay to get the files decrypted.

Further information

LinkedIn Learning - Viruses and Malware (4 Mins)

Malware and Ransomware have to get on your computer in the first place. They are normally disguised as legitimate-looking attachments that have malicious code buried inside them.

To prevent this make sure you carefully examine any attachments that you receive. If an attachment says it needs special permission before it will open, don't try and open it. It needs to be carefully examined to see if it is malicious.

Before trying to open attachments ask yourself:

• was I expecting this?
• have I received files like this before from this sender?
• do I know the sender?

Points to note are:

• do not run or enable macros on documents you do not know or trust. When opening a document, it will ask you if you want to enable macros, never enable macros on a document you do not totally trust.
• be very cautious around phone contacts asking or pressuring you into opening documents and enabling macros.
• if in doubt please forward emails containing documents with macros to CDU.SecurityAlerts@cdu.edu.au.
• do not open documents from private or personal email addresses containing macro’s while connected to the CDU network directly or via VPN.

Also, see "I have received an email with a suspicious attachment. What should I do?" in the top section above.

Online privacy (or sometimes called Internet privacy) involves the ability to control what information you reveal about yourself over the Internet and to control who could access that information. 

How can I maintain my online privacy?

Be careful where you post personal information. If you want to give someone some personal information, do it in a private message, not on an open post that everyone can read.

Check your privacy settings on social media, so that only the people you want to see information are in fact the only ones.

Further information

LinkedIn Learning - Protecting Yourself Online  - Sharing Sensitive Information (Video 4m 59s)

Not everyone you meet online is who they say they are. That won’t be news if you’re familiar with the messaging from our colleagues at the Australian Cybersecurity Centre and Australian Federal Police about keeping yourself safe online.

Play

Play

Any invites to link online with people should be viewed with a high degree of caution. Only link to people that you have confidence they are who they say they are.  People are out there are tricking unsuspecting individuals into connecting and then manipulating them once they have. People receive offers that sound too good to be true because they are too good to be true.

Play

Play

The Australian Security Intelligence Organisation (ASIO) have developed a resource kit to let you know more about the problem and how to avoid it.

Resource kit: https://www.asio.gov.au/TBYL.html