In our previous cybersecurity post, we discussed internal threats and what you can do to avoid them. This post will focus on external threats, and how the College of Nursing IT department is working to keep our network safe.
An external threat is an attack or attempted attack by an outsider trying to gain access to a network. There are several levels of external threats, including:
- Basic: These usually take the form of scripts that automatically search the internet for vulnerabilities. They are not usually aimed at specific people or networks.
- Advanced: These are attackers actively trying to access a network from the outside.
- Advanced Persistent: These are often hackers who are state-sponsored or may even come from inside foreign governments. They have the time, money, resources, and motivation to get into a network and they will continue trying new attacks. Attacks of this nature are often the ones you hear about on the evening news.
We asked Erik Yarberry, network administrator for the College of Nursing, what we are doing to mitigate threats from both external and internal attacks. Here are a few things our network is equipped with:
- A Firewall, or a system that uses certain rules to control traffic into and out of the network. The CON has two firewalls– one that protects all networks inside the CON (including Nursing_WiFi) from the outside, and then another one that keeps Nursing_WiFi separate from the wired network.
- A Virtual Private Network (VPN) which encrypts internet connections to network resources that are not available to the public
- Splunk, a program which exports all of the network’s system logs and allows network administrators to search those logs using sophisticated techniques
- Data Loss Prevention (DLP) Software which protects all of the network’s data from exposure or being compromised.
- Various alerts about possible “ransomware” attacks, compromised accounts, too many login attempts, etc
With all of these programs and defense mechanisms in place, our network runs every day while fending off potential attacks from the outside. In our next and final entry for this series, we will discuss more ways that you can protect your information and keep the CON network secure.
Erik Yarberry is the College of Nursing’s Network Administrator. He recently took some time to talk to us about cybersecurity at the College of Nursing, including what are termed “internal” and “external” threats to the network. This post will explore internal threats, and another post will follow discussing external threats.
Internal threats are those that come from employees or others who have access to the network. These can be both intended and accidental. Here are some examples:
- Employees clicking on or forwarding phishing messages sent by email
- People leaving employment who leave security holes or delete files they shouldn’t (either accidentally or intentionally)
- People getting viruses through unsafe websites, unsecured flash drives, or other means
You might be wondering, what’s the point in phishing or hacking the College of Nursing? What’s there to gain? Here are some things hackers and phishers look for:
- Intellectual property including copyrighted works, dissertations, etc.
- Personally identifying information
- Social Security numbers, credit card numbers, anything that would help an identity thief
- Access to legitimate email addresses to send more attacks out
Internal security threats make up a large portion of the cybersecurity threats that the College of Nursing faces. That’s why it’s important to know a threat when you see it, and if necessary alert the proper channels. Here are some tips to remember to protect yourself and the College of Nursing from these kinds of threats:
- Don’t click on unfamiliar links or attachments in emails! If you are sent an email that looks suspicious, forward it to email@example.com
- Change your passwords frequently, and use a new and unique password each time. If your email or other information was ever breached, those old passwords could be in the wrong hands.
- Know how to browse the web safely. Here are some good tips.
- Have anti-virus software, and update your computer and software regularly. Cybersecurity is basically an arms race, and the best way to be equipped is to keep all of your systems as up-to-date as possible.
- If you suspect you have a virus or clicked on something you shouldn’t have, alert IT right away at CONfirstname.lastname@example.org
In our next Cybersecurity post, we will delve into external threats and what the College of Nursing is doing to mitigate them.