According to several alerts from state and national authorities, tensions with Russia and the United States have caused an increased number of cyberattacks, specifically in large institutions in both the private and public sectors.
In an advisory released by the Cybersecurity & Infrastructure Security Agency (CISA), several institutions, such as the NSA and FBI, have witnessed an uptick in Russian state-sponsored cyber attacks. These attacks frequently infiltrate U.S cleared defense contractor organizations and employ simple techniques such as spear phishing, brute force password harvesting, and exploiting known vulnerabilities (found on the CISA’s website). Hackers abused common business applications like Microsoft 365 and Oracle Web Logic the most. Despite breaches mainly occurring within U.S defense companies, it is a reminder to everyone to adopt prudent information security practices.
The following are ways you can prevent yourself and Fordham from being compromised:
- Use strong passwords- When creating accounts with third-party services using your @fordham.edu email, don’t reuse your my.fordham.edu password. The most secure passwords include upper and lowercase letters, numbers and symbols, and random combinations of letters.
- Open emails with caution- Many cybercriminals, including Russian actors, use spear-phishing as an easy yet effective tactic to gather credentials. Unlike typical phishing, Spear-phishing uses research and personalized emails to lure members of an organization into providing sensitive information. The emails usually require research about the company and are harder to detect.
- Regularly backup your devices- All Fordham students and faculty have access to Microsoft Onedrive, which keeps a copy of all your documents if any of your files are corrupted.
In response to these alerts, Governor Hochul released a statement warning New Yorkers to be vigilant against Russian cyberattacks. She advised individuals to further protect themselves by using complex passwords and enabling multi-factor authentication (MFA) to secure their devices.
Last week, Hochul announced the Joint Security Operations Center would open in Brooklyn, a first-of-its-kind center for cybersecurity coordination and communication; this is part of her 62 million dollar budget for cybersecurity in 2023.