Collegian file photo
ZACHARY GOSSETT | OPINION COLUMNIST | zgossett@butler.edu
In cyber security, no one is safe until we all are. All network users at Butler University — students, faculty and staff — are dependent on each other to maintain a safe and reliable network. While this duty may seem daunting, it can be accomplished by each of us just by taking a few easy steps.
As most users have seen, and as The Butler Collegian reported last week, there has been an increase in phishing emails arriving in users’ inboxes. These emails are often making it through the filters because they are coming from already compromised Butler accounts, which are not vetted as thoroughly. Michael Denny, network and security architect, wants that to change.
“We are going to start looking into scrutinizing that,” Denny said.
Still, some users have seen the emails calling for part-time “personal assistants,” a good gig for strapped college students, and narrowly escaped the malicious links that attempt to steal their personal information, corrupt the network or flood our inboxes with unsolicited content.
Others have not been so lucky.
Rebecca Tschan, a junior dance performance major, knows the fear inspired by applying to the job offers in these emails.
“For the first couple days, and even weeks, I was really on edge,” Tschan said. “I was very lucky and very fortunate that nothing more came out of it.”
Nonetheless, phishing emails are just one of the many cyber threats that Butler University and its users face everyday. Some other common cyber attacks include malware, man-in-the-middle attacks, denial of service attacks, structured query language injection and zero day exploits. Everyday, Denny spends hours monitoring, analyzing and mitigating these threats.
“There are daily, constant attacks to the network,” Denny said.
As users, we rely on a secure network, and Information Technologies cannot protect the network alone. Paul Merkamp, a junior computer science major, believes users share some of the responsibility.
“It really does take everyone’s efforts to stay safe,” Merkamp said. “The individual making themselves safe also makes those around them safe.”
That is not to say that students, faculty and staff should be left on their own. Tschan thinks that Butler’s administration plays a crucial role in educating users to avoid these threats.
“It’s a two way street,” Tschan said. “Butler is in part responsible for providing us with the education to know how to distinguish between phishing emails and real emails.”
As phishing emails continue to pile up in our inboxes and we expose ourselves to new threats everyday, Butler users need the administration to provide education so we can properly avoid these threats. IT is currently working on developing an education program. In the meantime, however, we can all take the following steps to contribute to our network’s security.
- Be vigilant
While it may seem obvious initially, the best way to avoid malicious content is to recognize it beforehand. However, spotting a phishing email can be difficult when it looks similar to content we regularly receive.
Users can thoroughly check links by hovering over them, verifying that emails are coming from Butler addresses and contacting the sender if they are unsure.
“If you have a careful eye, you know what to look for it, you can catch it,” Denny said.
If you accidentally fall victim to a phishing scam, contact Butler IT for next steps.
- Trust your instincts
If users are unsure about an email, they can rely on their instincts.
“If it’s too good to be true, then it absolutely is,” Merkamp said.
Job offers that require little work for high reward are always going to be tempting, but if you are skeptical, trust that reaction.
“I’m pretty critical of everything that comes through my inbox” Merkcamp said, which allows him to avoid threats.
- Keep your software up to date
The default anti-virus programs — typically Windows Defender and MacOS — do a great job of defending your devices against threats, but you need to keep them up to date to counter new threats. IT recommends that we set our devices to update automatically.
- Backup your files
Attacks like Ransomware, which is a type of malware that denies access to files or data unless the user pays a fee, target networks to hold files hostage.
“You don’t want to feed the beast, right?” Denny said. “It’s a business for them.”
A simple way to not be a victim of this business is to back up files to OneDrive, Google Drive or BU Files so users do not have to pay the ransom.
- Use unique passwords
Despite the convenience of using one password for everything, it allows cyber criminals to have easy access to the services a person uses, which would expose a dangerous amount of information.
As we wait for Butler to provide more education about avoiding threats, we can take these five measures to make our network much safer. For more information about how you can stay safe, visit Butler’s IT website.