TECHNEWS: Learning from the UCLA Health cyberattack

UC Davis information security specialists are fielding calls from people on campus who want to know what we can learn from the data breach UCLA disclosed last Friday (July 17).

CHANCELLOR'S MESSAGE

Dear Campus Community,

As you may have heard, UCLA Health announced today (July 17) that it was the victim of a criminal cyberattack. At this time there is no evidence that the attacker actually viewed or acquired any individual’s personal information in the UCLA Health cyberattack. Additional security measures have been implemented, and all potentially impacted individuals can sign up for no-cost ID theft protection services. More information is available at the UCLA Health website. There is no evidence that the UCLA Health cyberattack has impacted the UC Davis Health System. The IT systems at the various UC health systems are all managed separately.

A number of proactive steps are underway to help ensure the protection of IT systems at all UC campuses and medical centers. This includes the mobilization of an external cybersecurity group that will review and validate ongoing internal efforts and assess emerging threats and potential vulnerabilities.

The confidentiality of Protected Health Information (PHI) is essential in maintaining the trust of our patients, and we take that responsibility very seriously. We have invested in technology, dedicated staff and software tools to vigilantly monitor our systems, and have educated our employees about cyberthreats, which are a growing national concern.

While there is no evidence that our campus and medical center were impacted by this attack, there are steps we should all take to protect the continued security of our systems and networks:

  • Ensure that your computer and mobile devices are up to date with the latest patches, including those for software like Adobe Flash or Java.
  • Review electronic devices under your control (including computers, tablets, phones and memory sticks) and remove or secure any files that contain sensitive information about individuals.
  • Be aware of email and phishing messages asking for personal information. Ensure that you have strong passwords and that you never share them with anyone.
  • For more information, visit http://security.ucdavis.edu/cybersafetybasics.html.
  • If you need assistance managing your cybersecurity efforts, you may contact the IT Express Service Desk (Davis campus) or IT Support (health system).

The confidentiality of our personal information, particularly medical information, is something that is important to all of us. We must act together to protect our computers and data. I appreciate your support and cooperation with this effort.

Sincerely,

Linda P.B. Katehi

The cause of the attack is still being investigated, but whatever the full answer turns out to be, the breach underscores the need to practice the basic good habits of information security.

UCLA Health has posted information about the attack on its website. There is no evidence that the breach has affected the UC Davis Health System, Chancellor Linda P.B. Katehi wrote in an email to UC Davis faculty and staff. See box for the chancellor's July 17 email.

Cheryl Washington, UC Davis' chief information security officer, said: "The campus security team is currently conducting its own investigation based on information we were provided about the UCLA incident. If we identify any confirmed or suspicious threats, we will reach out to the technical community and others for assistance in our investigation."

Washington also asks campus technologists to be sure they scan their VLANs (virtual local area networks), "and if they find something suspicious, notify us" at cybersecurity@ucdavis.edu.

"If you have not read the chancellor's message, I encourage you all to do so," Washington continued. "She offers very valuable tips that can help you protect your information assets."

5 common patterns

The 2015 Data Breach Investigations Report from Verizon says more about the current nature and source of cyberthreats. For example:

  • Phishing still tricks too many people. "Twenty-three percent of recipients open phishing messages," the report says, "and 11 percent click on the attachments." UC Davis faculty and staff who need to brush up on their anti-phishing skills should watch these free, short videos (see module 3).
  • "For the overwhelming majority of attacks exploiting known vulnerabilities, the patch [to fix the problem] had been available for months prior to the breach (and 71 percent for more than one year). This strongly suggests that a patch deployment strategy focusing on coverage and consistency is far more effective at preventing data breaches than 'fire drills' attempting to patch particular systems as soon as patches are released."
  • Most attacks fell into one of five basic patterns: miscellaneous errors (29.4 percent), crimeware (25.1), insider misuse (20.6), physical theft/loss (15.3) and Web app attacks (4.1).

Bill Buchanan is senior writer and TechNews editor in Information and Educational Technology.

Media Resources

Dave Jones, Dateline, 530-752-6556, dljones@ucdavis.edu
