Many recent cyberattacks have targeted colleges. Among them:
- The recent hacking of the Democratic National Committee before the election was facilitated by stolen email accounts from a prestigious university.
- At Michigan State University, unknown attackers gained access to a database with records on 400,000 current and former students and stole social security numbers, student ID numbers, and dates of birth.
- Rutgers University was hit with a number of “distributed denial of service” (DDoS) attacks that interrupted some of its systems; the longest lasted five full days. Rutgers had invested $3 million in cybersecurity—but that didn’t prevent the attacks.
- Two University of Southern California hospitals were hit by a ransomware attack that made hospital data inaccessible to employees. Healthcare and financial services companies and even police departments have been forced to pay ransoms to restore data.
Below is a collection of all they Cybersecurity threats that have impacted or targeted members of the FIT community since the Cybersafe campaign began in 2016.
Cybercriminals often try to capitalize on the outpouring of support for those impacted by natural disasters to trick those seeking to help to reveal private information or downloading malicious software. Numerous scams are circulating via email and social media from cyberattackers hoping to take advantage of people looking to help those affected during hurricane season. […]
What happened? “Malspam” is short for malware spam—a word to describe any malware that is delivered via email. A malspam campaign that is currently circulating mimics a FedEx shipping confirmation with a person’s real name, Social Security number, and a “tracking number.” Victims that click on the link will be redirected not to a FedEx […]
What happened? Recently one of the other SUNY campuses experienced a spear phishing attack (personalized phishing attacks that appear to be from a trusted source). The attacker sent an email purporting to be from the institution’s president regarding a new business integrity program. The emails had the correct branding and trademarks of the institution and […]
Cybercriminals have historically used high-profile events, such as the Olympic Games, to disseminate malware and conduct scams, fraud, and cyber-espionage. It is highly likely that cybercriminals will recycle old tactics such as Olympic-themed phishing emails, malvertising, and malicious mobile apps, as well as develop new methods to compromise target devices and accounts. Similar campaign tactics […]
What happened? A sophisticated email phishing scam targeting SUNY students is currently active. In this latest scam, the attacker pretends to represent a college IT department, sending an alert that claims that recent system maintenance caused them to lose student user IDs and passwords. The email includes a link for the student to re-enter their […]
What happened? Multiple cybersecurity flaws have been discovered recently that leave nearly every computer and phone vulnerable, allowing cybercriminals the ability to access your private data: passwords, credit card details, photos, etc. Meltdown affects laptops, desktop computers and internet servers with Intel chips. Spectre affects some chips in smartphones, tablets, and computers powered by Intel, […]
Don’t give cybercriminals the gift of an easy target this holiday season. Stay off the cybersecurity naughty list by avoiding falling for these scams: Phony Shipping Status Emails You are likely expecting more package deliveries this time of year a fact cybercriminals seek to exploit by sending fake shipment and delivery notification emails and text […]
What happened? A security flaw in the macOS High Sierra allowing attackers to bypass administrator authentication without supplying a password was discovered Tuesday, November 28 and a patch released by Apple on November 29. How does it impact the FIT community? Campus computers, including office, classroom and lab computers are not impacted by this threat […]
You may have seen media coverage this morning about another widespread ransomware attack, called “Bad Rabbit,” that has impacted thousands of computers in Europe. Ransomware is software that encrypts your files and then demands payment to the attacker for the decryption key. While there have been few reports of attacks in the United States so […]
What happened? Equifax, one of the three nationwide credit-reporting bureaus, announced Thursday that they were the victims of a data breach in which cybercriminals stole the information of nearly 143 million people. The data exposed includes names, Social Security numbers, birth dates, addresses, and ID numbers of some driver’s licenses. The credit card numbers of […]