Good afternoon, everyone.

Due to the current conflict with Iran, I want to use this week’s newsletter to focus on the potential for cyberattacks as the war escalates.

Global Threats

• State-Sponsored Cyber Threats
  • With this current situation, I want to make sure you are aware of potential threats during this time.
  • There are always nation-state threats coming from our worst adversaries, particularly China, Iran, North Korea, and Russia, that pose a threat to our national security.
  • However, when we are actively engaged in war with one of these countries, these advanced persistent threats (APTs) increase.
  • The Cybersecurity and Infrastructure Security Agency (CISA) is reporting that ‘the Iranian government has exercised its increasingly sophisticated cyber capabilities to suppress certain social and political activity, and to harm regional and international adversaries.’
  • CISA goes on to warn that APT actors engage in sophisticated malicious cyber activity that is targeted and aimed at prolonged network/system intrusion.
  • APT objectives may include espionage, data theft, and network/system disruption or destruction.
  • And when we are in conflict with one of our adversaries, the others often increase their own activities while we are busy trying to look into everything else that is happening.
  • Please take extra caution when opening email that you did not expect and it is more important than ever that you don’t click links nor open attachments without fully vetting them first.
  • If you do suspect malicious activity, even if you don’t click something, you should let me know about it as soon as possible, so I can investigate the information for you.
  • Once it has been determined there is a valid threat, you can go to CISA.gov and click the “REPORT A CYBER ISSUE” button in the top right corner of the page.
  • You should also report it to the FBI’s IC3.gov.
  • Please remember that reporting is critical to getting a cybercrime stopped as soon as possible!
  • Make sure your computers, phones, tablets, and all other devices used online are always patched, too.
  • US banks, in particular, are on high alert at this time so please keep a close eye on account activity and report any suspicious activity to your bank as soon as possible.
  • If you get an unexpected email, phone call, or a text that looks like it is from someone you know or a known business, please verify that it truly is from the person it claims to be.
  • And please don’t engage in argumentative discussions on social media, particularly at a time of global unrest because you never know who is behind it and how much misinformation is being spread.
  • Not participating in social media arguments is also better for your mental health!

I thank each of you for all the work you do and for being so cautious when it comes to potential scams. Thank you for protecting the Institute’s data and for sharing these newsletters with students, clients, friends, and family. And thank you so much for all the support and appreciate you show me. I appreciate all of you, as well!

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone has an email group for students who are not employees of your department, please let me know what that address is, and I can include it. I do this as a blind copy so student names and addresses will not show up!