Cybersecurity training for all staff and faculty is underway for 2017.
If you’re asking yourself, “Hey, didn’t we do this last year?” Well, yes, many of us did.
But it’s required annually now, throughout the UC system, and here’s a good reason why:
Almost two weeks ago, thousands of people at UC Davis received an email from Ralph J. Hexter, our interim chancellor, no less, with the subject line “URGENT DEVELOPMENT.”
Turns out, this Jan. 12 email was a classic case of phishing. It began with “Good Morning staffs” — a dead giveaway. Always watch for awkward phrasing like, “Good Morning, staffs.”
The first paragraph was not much better: “I'm bringing this notice to all employees of University of California, Davis, that there will be a new development in University of California, Davis. I have shared a very essential document which I want all staffs to read through.”
The sender ends with, “Please go through pdf attachment for more briefing.”
Presumably, the PDF — which I did not open — would have attempted to ascertain my personal information, or get me to click on a link.
The university’s Information Security Office received no reports of damage arising from this email. Information and Educational Technology reported that the message reached about 4,300 accounts, mostly those of staff and faculty (3,900). Some of the phishing emails went to lists, so the total number of recipients is likely higher than 4,300.
IET quickly sent a “warning" email to the entire campus: “Discard phishing email with subject line ‘URGENT DEVELOPMENT’.”
“Please disregard the message, and do not click on the PDF, because the message did not come from Interim Chancellor Hexter,” the warning email stated. “Information and Educational Technology is investigating this matter, which is almost certainly phishing. If you opened the document, please contact the IT Express Service Desk at firstname.lastname@example.org to ensure that no malware was introduced onto your computer.”
The IT Express Service Desk reported receiving about two dozen contacts from people about the message as of the morning of Jan. 13, the day after the phishing scam went out.
“The fact that the vast majority of people on campus simply deleted the message means they knew what to do, and their response underscores the value of UC’s cybersecurity training,” said Cheryl Washington, chief information security officer. “Most phishing messages never get delivered, but some do get through. You need to know how to identify them.”