The higher education sector has recently seen a surge in cyber-attacks with the National Cyber Security Centre issuing an official alert. You may also have seen Newcastle University in the news as an example of a cyber-attack that affected the whole organisation, exams and clearing. It’s more important than ever for both BU, and for us as individuals, to take decisive action to harden defences against cyber-attacks. It’s everyone’s responsibility to understand the risks and to take action to prevent them.
Please take the time to read the following information about protecting yourself, your family, and BU, from a cyber-attack:
Secure your device - Take the necessary steps to secure your device to help prevent hackers from gaining access or installing ransomware. Ransomware is a type of malicious software that is designed to cause damage to a computer, server, application or computer network and prevents you from accessing it again until you pay a ransom. If you notice a ransom demand or suspicious software on a BU computer, disconnect the computer from the BU network and your WiFi, but leave the computer powered on and do not lock it. You should then contact the IT Service desk on 0808 196 2332.
Back-up - make sure your device and all your work is backed-up. Backing up files is the best practice to mitigate an unexpected loss of your important documents due to malware, system breakdowns and hackers. Save copies of your BU work and important documents to your BU OneDrive through Office 365 or the H:\ and P:\ drives.
Password123! – Ensure you create strong and unique passwords for every online account. Strong passwords are harder for cyber criminals to crack, and when each password is unique, if one account is compromised, your other accounts will remain safe. Try using a password manager app that stores your passwords securely, so you don’t need to remember them all!
Multifactor Authentication - When possible implement multifactor authentication for all your online accounts (e.g. emails, social media sites). This multi-layer security approach will reduce the chances of hackers getting into your account if they get hold of your password. Google authenticator or Microsoft authenticator are two recommended tools.
Don’t take the bait – Be phishing aware at all times. Phishing is any activity designed to trick you into giving out your personal details. These details can be used to impersonate you or steal further information about you. Double-check the source of emails and all web links before clicking on them and don't respond to emails requesting your login details, personal and financial information. Phishing has become very sophisticated and can be difficult to spot, so never click if you’re unsure.
Stop and check before you click - Inspect all hyperlinks before clicking them and get into the habit of hovering over them first to check where it’s taking you to or what you’re downloading. Don’t click any link you are not 100% sure about - especially on mobile devices where it’s difficult to verify a weblink. Take a look at our guidance on clicking wisely. You should also be vigilant when it comes to email attachments and opening files that you’ve been sent over social media or text. Beware of files that ask you to enable macros and don’t open a file that comes from anyone you are not expecting a file from.
Speak up - If you suspect any IT security incident involving any BU system, application, network or computer, contact IT Services on 01202 965515 or freephone 0808 196 2332. If you suspect that you are the victim of a personal cyber-attack e.g. financial fraud, extortion or a scam, contact your bank, and/or ActionFraud.