This Week’s Cybersecurity News, 04/27/2023

It’s Friday Eve! It’s also day four of Employee Appreciation Week. On Tuesday, we had the UTIA Faculty and Staff Appreciation Lunch at UT Gardens. It was a great time and I thank Dr. Keith Carver and members of UTIA leadership, as well as President Randy Boyd and other leaders from across UT for thinking of us. I hope that they know how much we appreciate them and their leadership, as well!

Today I have a current threat that keeps showing up, but with a few slight changes. I have also included a response to a question about TikTok.

Current Threats

  • Microsoft 365 (phishing email)
    • The sender appears to be a UT student with a “vols.utk.edu” address, and one that I saw most recently seemed to come from a student who left UT in 2022.
    • The subject is ACCOUNT CLOSURE.
    • The message tells you, “We received a request to terminate your office 365 email and this process has begun by our administrator.”
    • The message continues, “We notice that your office 365 has two info different logins with two universities portals. Kindly indicate the two info logins as soon as possible. To avoid termination of both logins within 24hrs,we expect you to strictly here and address it.”
    • There is a link, but please DO NOT CLICK!
    • If this were a legitimate message, it would not come directly from a student’s email account, especially one who has been gone for almost a year.
    • There are several grammatical and spelling errors that stand out in the message, which are typically indicative of phishing.
    • If you receive this email, please forward it, along with the Internet header, following the instructions in Reporting Phishing Attempts.

Ask Your CISO

  • What is so bad about TikTok and why can I not access it on the UT network?
    • I am sure you have been hearing the news for the past couple of years about the potential threats that come with the use of TikTok.
    • TikTok seems like a fun service offering short videos that trend worldwide.
    • TikTok is owned by the Chinese company ByteDance and this is the source of many of the potential threats.
    • In November 2022, The Guardian published an article explaining that TikTok collects information on how you consume its content to finetune the algorithm for the app’s main feed.
    • Also in November 2022, FBI Director Christopher Wray told a House committee that China had stolen more Americans’ business and personal data than all other countries put together.
    • This goes way back, but has gotten worse with the popularity of certain Chinese-owned apps.
    • Data harvesting is not exclusive to TikTok, as Facebook, Instagram, and Google use similar methods for their algorithms, but the concern with TikTok is more about where the collected data goes and whether it ends up being accessed by the Chinese state.
    • On 04/14/2023, Governor Bill Lee signed a bill banning TikTok and other Chinese-owned platforms from being accessed on public college campuses’ WiFi.
    • WBIR news specified that the bill prohibits a “public postsecondary institution that provides internet access, through a hard-wired or wireless network connection, to students, faculty, staff, or the general public from allowing an individual to access a social media platform using the institution’s network if the platform is operated or hosted by a company based in the People’s Republic of China.”
    • The list of other Chinese-owned platforms being banned includes:
      • WeChat
      • Sina
      • Weibo
      • Tencent QQ
      • Tencent Video
      • Xiao HongShu
      • Douban
      • Zhihu
      • Meituan
      • Toutiao
    • After some past digital forensics investigations and lots of research, I can attest to at least a couple of these apps making some deep changes to your computer that allow them to steal the user’s data.
    • Although it is not listed above, Lemon8, a fairly new social media app released in 2020, is owned by ByteDance and reportedly uses the same algorithm as TikTok.
    • So, with all the potential for both personal data and Institute-owned data (especially research data!) to be stolen, you can better understand why this ban is necessary.
    • Please know that this is not just a ban in Tennessee, as at least 25 states have now passed similar laws blocking access on government computers, including Montana, Arizona, South Carolina, Maryland, Georgia, New Jersey, Louisiana, and Utah.
    • The federal government has been blocking access to TikTok on all federal devices and systems.
    • In addition, countries like Australia, Canada, France, Afghanistan, Taiwan, India, Ireland, and several others have banned TikTok from government devices, all citing similar security concerns.
    • At this time, state and federal government officials are not banning the use of TikTok on personally-owned devices using personal network connections, but I do believe this will happen before long.
    • Here are some friendly reminders:
      • Please be mindful when using any app, especially social media.
      • Always check the settings of your apps, especially social media apps, and turn on multi-factor authentication so that you can be sure you are the only one who can successfully log in.
      • Don’t share personal information online, and definitely not on social media.
    • Finally, please don’t perpetuate anti-Asian hate because the actual citizens are not to blame for the reported spying via TikTok or other Chinese-owned platforms.

To continue the “appreciation week” theme, I must tell you that I appreciate everything you all do to protect the Institute and its data. I am always here to help you, so please don’t hesitate to let me know when you have concerns and questions. I truly enjoy and value each one of you, as well as your feedback!

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone has an email group for students who are not employees of your department, please let me know what that address is and I can include it. I do this as a blind copy so student names and addresses will not show up!