A little before 5 a.m. on May 7th, 2021, an employee at the Colonial Pipeline noticed a ransom note on their computer demanding cryptocurrency. This employee followed the company’s policies and procedures and immediately reported the situation. The Colonial Pipeline attack might be one of the largest and most impactful cyberattacks in history. It started when […]
Tag: Cybersecurity Awareness Month
Test Your Knowledge Competition
To wrap up another successful Cybersecurity Awareness Month, we invite you to show us what you know by entering our Test Your Knowledge Competition. Complete this activity to test what you know and receive an entry for one of several Bear Bucks awards. Prizes Grand Prize: $500 BearBucks credit. Additonal Prizes: $250 BearBucks credits. Don’t […]
Enter Our Student Prize Competition
On October 20th, CISO Chris Shull and WashU Computer Science Major Skylar Fong cooperated to run a webinar discussing Careers in Cybersecurity. Dozens of students participated in the evening event. Chris Shull offered valuable insights about the interdisciplinary nature of cybersecurity and the qualities that he looks for in a prospective new hire. Skylar shared […]
Scam of the Month: DocuSign Phishing
Attackers continuously adjust their tactics to circumvent our defensive strategies, using new methods to access our systems, data, and personal information. Even as attackers develop new scams, one element seems to carry on—impersonation. Our office frequently publishes about impersonation because it forms the basis of most phishing attempts. Often, attackers impersonate a high-ranking employee in […]
Meet Your InfoSec Team: Betsy Ball, Information Security Architect
Betsy Ball is a highly experienced IT professional with more than 30 years of experience, including work in user support as well as server, network, and firewall administration. In her role at WashU, she serves as an Information Security Architect, working with the Risk Assessment team on IT infrastructure assessment and supporting the Cybersecurity Maturity […]
Verify and Report
This week, read about how the employees of FireEye and SolarWinds responded to a hack and where a timely verification would have changed the outcome. The SolarWinds hack was first spotted by someone at FireEye, a cybersecurity company. A staff member noticed that an employee signed in using their username and password but a new […]
Student Prize Competition 2021
Thank you for your interest in our student prize competition! Use the Phish Alert Button (PAB) to report phishing attempts for your chance to win! To participate, register here by November 3rd: https://wustl.az1.qualtrics.com/jfe/form/SV_7418aAb5ROape6i Additional Resources from Webinar Slide deck Event Recording Using the Phish Alert Button About the KnowBe4 Program
The Race Against Ransomware
Ransomware is a specific category of malware that causes harm to the computer and the computer system. The U.S. Cybersecurity and Infrastructure Security Agency defines ransomware as “an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable.” The threat actors (hackers) behind […]
Cyberattacks are speeding up
Organizations have been a driving force behind cybersecurity awareness and training. It’s more important than ever to be up to date with cybersecurity knowledge so that attacks don’t happen on your watch. In these special edition Cybersecurity Awareness Month articles, you’ll read about damaging attacks that happened in 2021 — and how employee actions changed […]
Keeping Information Security Simple – Physical Security Comes First
Letter from the CISO, Vol 1 Issue 4 Washington University Community: Physical safety is a fundamental need of all animals, humans, computer systems, and devices. Last month I encouraged everyone to adopt a healthy dose of skepticism and paranoia regarding email, text, and social media messages to avoid becoming victims of social engineering attacks. This […]
Cybercrime and Human Intelligence
To defend ourselves against cybercrime, we cannot rely on technology alone. Cybercriminals constantly try different attack strategies, attempting to confuse, surprise, and manipulate their targets. Phishing emails are the most common attack strategy, and these messages are subject to the limitless creativity of their criminal authors. As a result, even state-of-the-art technology cannot perfectly detect […]
October is Cybersecurity Awareness Month
Cybersecurity Awareness Month is here! Cybersecurity Awareness Month is a global effort to help everyone stay protected whenever and however they connect. The Office of Information Security is proud to be a Cybersecurity Awareness Champion, supporting online safety throughout the year. We’re here to help every member of our community gain the knowledge and tools […]
SHRED-IT: Electronic Waste & Paper Shredding Drives
On Tuesday, October 19 and Tuesday, October 26, Operations & Facilities Management Department, the Office of Sustainability, WashU Office of Information Security, and BJC Information Security are teaming up to bring the WashU community e-waste recycling and confidential paper shredding services. All are welcome to bring accepted items to the collection drive. All confidential papers and hard drives […]
Revised and Updated Policies 2021
The Washington University Office of Information Security (OIS) supports education, research, and clinical care by protecting systems and data for everyone at our institution. Security threats today are constantly changing as cybercriminals try new tactics to steal and hold ransom user and institutional data. To adapt to changes in the information security landscape, the OIS […]
Thank You for Participating in Cybersecurity Awareness Month 2020
The Office of Information Security extends its gratitude to the faculty, staff, and students who participated in the events and activities of Cybersecurity Awareness Month 2020! During the month of October, we hosted a slate of webinars and presentations to help our community stay informed and empowered in the digital era. This year, our program […]
INFOGRAPHIC: Recognizing and Avoiding Business Email Compromise Attacks
INFOGRAPHIC: Practical Advice for Avoiding Phishing Emails
INFOGRAPHIC: Your Connected Healthcare
Welcome to Cybersecurity Awareness Month from CISO Kevin Hardcastle
Dear WashU community, Cybersecurity Awareness Month has arrived! Cybersecurity Awareness Month was launched in October 2004 by the National Cybersecurity Alliance and the U.S. Department of Homeland Security as a joint effort to raise awareness of cybersecurity issues and help people stay safe online. Now in its 17th year, Cybersecurity Awareness Month is observed around […]
WEBINAR: Topics in Security with Brian Allen
Information Security Manager Brian Allen will deliver a presentation on some of the most important topics in information security today. Brian will discuss the latest incidents and vulnerabilities detected on the WashU network during the last year and look at some new tools we have available to detect and remediate threats. We will be releasing […]
Revised and Updated Policies 2020
The Washington University Office of Information Security maintains a sustainable information security program supporting the vital work of education, research, and clinical care while also protecting our systems and users’ security. We can only achieve strong information security for all if we each take personal responsibility for ensuring our systems’ security. We continuously improve our […]
October is Cybersecurity Awareness Month
Cybersecurity Awareness Month is here! Cybersecurity Awareness Month is a global effort to help everyone stay protected whenever and however they connect. The overarching theme for the month is, “Do Your Part, #BeCyberSmart.” The Office of Information Security is proud to be a Cybersecurity Awareness Month Champion, supporting online safety throughout the year. We’re here […]
Information Security Manager Brian Allen to Speak at Virtual Zeek Week 2020
Information Security Manager Brian Allen will deliver a presentation entitled “Zeek, and Splunk, and Alertus, oh My” during Virtual Zeek Week 2020. This is a single session of a larger event that includes many opportunities to learn about technical aspects of the work being done by information security professionals. Details for registering for Virtual Zeek […]
Cybersecurity Awareness Month Is Right Around the Corner
October is Cybersecurity Awareness Month. Cybersecurity Awareness Month was launched as National Cybersecurity Awareness Month in October 2004 as a joint effort between the National Cyber Security Alliance and the U.S. Department of Homeland Security. The objective of National Cybersecurity Awareness Month was to raise awareness of the importance of cybersecurity and offer resources to […]
National Cybersecurity Awareness Month (NCSAM) is Coming!
WashU InfoSec is honored to be among institutions named NCSAM Champions. We champion the cause of information security in our community by offering information, resources, and events throughout the year with special offerings during NCSAM every October. Stay tuned for our schedule of October events to help you #BeCyberSmart. To see a complete list of […]