Be Cyber Secure

Cyber Security at CDU

In today's world we are all faced with cyber security threats. 

This page covers some of the main threats you might come across.

  • Reporting a Cyber Incident
  • Phishing and Spear Phishing Emails
  • Data Protection
  • Password Management
  • Malware and Ransomware
  • Online Privacy

If we are all vigilant we can work together to help secure our data and systems.

Open all | Close all

Reporting a Cyber Incident

What is a Cyber Incident?

A cyber security incident is a single or series of unwanted or unexpected events that have a significant probability of compromising an organisation’s business operations. Cyber security incidents can impact the confidentiality, integrity or availability of a system and the information that it stores, processes or communicates.

Types of Cyber Security Incidents

The types of cyber security incidents you should report include:

  • suspicious system and network activities
  • compromise of sensitive information
  • unauthorised access or attempts to access a system
  • emails with suspicious attachments or links
  • denial of service attacks
  • suspected tampering of electronic devices.

How should I report a Cyber Incident?

To report a cyber incident you should contact ITMS and report your concerns. Methods of contact include calling the IT Service Desk on (08) 8946 6600, logging a job in LogIT or in the case of a Spam or Phishing email attaching the email to another and sending it to report-spam@cdu.edu.au 

Note The suspect email needs to be attached so that the headers of the email can be examined. Forwarding it removes the suspect emails original headers.

Phishing and Spear Phishing Emails

What are Phishing and Spear Phishing emails?

Phishing

Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.

Whaling or Spear Phishing

The scammer targets a business in an attempt to get confidential information for fraudulent purposes. To make their request appear legitimate, they use details and information specific to the business that they have obtained elsewhere.

For Further Information

What does a Phishing or Spear Phishing email look like?

Phishing and Spear Phishing emails try to look like legitimate emails.

Below are some indicators that a email is fake.

Spotting a Fake Email

Spot a fake email

How should I report a Phishing and Spear Phishing email?

Should you suspect an email is a Phishing or Spear Phishing email you should use
the "Phish Alert Report" button in Outlook or send it to report-spam@cdu.edu.au
where it will be accessed and if found to be such an email, blocked.

How to use the Phish Alert button

Please refer to the "How to Use the Phish Alert Button" page from KnowBe4.

Data Protection

What is Data Protection?

Data protection is ensuring that only people that are authorised have access to your data or CDU's data have access. This is to ensure the confidentiality, integrity and availability of that data.

How can I ensure my data is protected?

You can improve the protection of your data by;

  • Never sharing you password with anyone regardless of who it is, this includes giving it to IT Support when asked.
  • Using two factor authentication where available.
  • Never use your password to try an login to suspicious websites.
  • Use trusted cloud storage solutions, such as OneDrive, instead of storing on thumb drives or external harddrive, which can be lost or stolen.
  • Add password protection to sensitive files. Programs such as Microsoft Word and Excel have this built in, but needs to be applied. Be aware if you do this and forget the password, the document will be lost and not recoverable.
  • Keep computers up to date with the latest security patches. 
  • Keep anti-virus software up to date. 

At CDU anti-virus and security patches are done automatically but home computers are your responsibility.

Password Management

What is Password Management?

Passwords are the most common method for users to confirm their identities on computer systems or websites. It acts as a first line of defence against unauthorised access.

Password Management is critical to maintain the effectiveness of this line of defence by practising a good password management policy.  

Here is CDU's password policy:

http://www.cdu.edu.au/governance/doclibrary/pol-023.pdf

Further Information:

How can I manage my Passwords?

If you really want to manage your passwords well, you can get a password manager. This is a program or application that acts as a wallet for your passwords. It requires a master password to open and once opened allows you to access your other passwords. It will even create and store passwords for you, which can be copied and pasted when needed. Make sure if you do this, that the program or application has a good reputation and that you create a strong master password.

If you don't want to get this sophisticated, you need to at least avoid using the same password for everything, because once it has been compromised it can be used on other websites. One way of doing this would be to have a composite password made up of two parts. One that is standard for everything and the second part that is unique to the website. That way, when you login, you build the password from the rules that only you know.

For Further Information

Malware and Ransomware

What is Malware and Ransomware?

Malware is malicious software which is specifically designed to disrupt, damage, or gain authorized access to a computer system.

Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. Normally the files are encrypted and the victim, to regain access, is expected to pay to get the files decrypted.

For Further Information

How can I avoid Malware and Ransomware?

Malware and Ransomware has to get on your computer in the first place. They are normally disguised as legitimate looking attachments that have malicious code buried inside them.

To prevent this make sure you carefully examine any attachments that you receive. If an attachment says it needs special permission before it will open, don't try and open it. It needs to be careful examined to see if it is malicious.

Before trying to open attachments ask yourself;

  • Was I expecting this?
  • Have I received files like this before from this sender?
  • Do I know the sender? 

Online Privacy

What is online privacy?

Online privacy (or sometimes called Internet Privacy) involves the ability to control what information you reveal about yourself over the Internet, and to control who could access that information. Protect your online privacy. Don’t ever put anything online that you wouldn’t want to show up on the front page of NT News, or that you wouldn’t want your grandmother to see.

For Further Information

How can I maintain my online privacy?

Be careful where you post personal information. Don't over share! If you want to give someone some personal information, do it in a private message not on an open post that everyone can read.

Check your privacy settings on social media, so that only the people you want to see information are in fact the only ones.

ITMS

Contact information

W: logit.cdu.edu.au

Location
IT Kiosk, Red 8, Casuarina campus
Office hours: 8am - 4pm, Mon- Fri (CST)

Telephone
08 8946 6600 (ext 6600)
Phone hours: 7:30am - 6pm (Mon - Thu)
7.30am - 5.30pm (Fri)

News

ADAPT Technologies


The ADAPT technologies make it easier to access your work across a variety of devices.

Find out more about how ITMS are making the transition to ADAPT.

Related links