This Week’s Cybersecurity News, 07/17/2024

Hello, everyone.

Today I want to tell you about a legitimate survey being sent to a random sampling of UT employees. I also need to remind everyone about the requirements for accessing IT assets.

Current Non-Threat

  • Survey (email)
    • The sender is Great Place To Work <hello[@]invite.emprising.com>.
    • The subject is Great Place to Work® Trust Index© Survey.
    • The message begins with, “Your organization has invited you to participate in an employee survey conducted by Great Place To Work®.”
    • I recognized the person’s name at the bottom of the message, so I called and asked several questions.
    • I stated that there is no mention of the University of Tennessee, so it left a lot of uncertainty.
    • I was assured that the email and survey are real.
    • I was told that this confidential survey is being sent to a random sampling of 5,000 employees across the UT System today, so if you receive this email, it is legitimate.

Current Threat

  • Duplicate Accounts (phishing email)
    • The sender varies, but appears to be with UT.
    • The subject is UTK ACTION NOW.
    • The message tells you that your “office 365 has two different logins with two universities’ portals.”
    • The message tells you that you have 24 hours to address this.
    • The message wants you to use the link provided so you can give your username and password or give both usernames and passwords if you really have two accounts.
    • Please do NOT click, copy/paste, or reply!
    • This is a scam and it is not coming from UTK.
    • If you have received an email like this, please report it using Reporting Phishing Attempts & Other Email Scams.
    • Please remind your students with whom you have contact that this kind of email is a scam!

Important Reminders

  • Login Requirements
    • It has come to my attention this week that some Institute-owned computers do not have the appropriate logins required to secure the computers, as well as the data accessed and stored on the computers.
    • Both UT Policy and UTIA IT Security Plans require the use of secure logins for all Institute-owned and UT-owned IT assets, which would include computers, email, Microsoft 365, Canvas, Banner, etc.
    • All Institute-owned and UT-owned IT assets MUST be protected from unauthorized access that could potentially lead to modification, disclosure, or destruction of the asset and data contained on the asset.
    • UTIA IT0110 – Acceptable Use of Information Technology and Resources Security Plan (AUP) is a great summary of what a user will and will not do with regard to Institute-owned IT assets.
    • UTIA IT0132 – Identification and Authentication Plan explains the use of the UT NetID and password as the approved means of authentication.
    • UTIA IT01xx – Media Protection Plan states that users of any Institute-owned IT asset must use individual login accounts.
    • In addition to protecting the Institute’s IT assets and data, I want to be sure we are protecting the Institute’s employees, as well.
      • Without the proper logins, any employee who is known to use a specific computer may be the one held accountable if someone else is using the computer while the known user is logged in.
      • Computer logs will show who is logged in, and if it is your account the other person is using, you could be blamed for anything that happens.
      • If computer logs show that there is a generic account being used, anyone known to use that computer could be held accountable in the event of an incident.
    • If you are using someone else’s login, please stop doing this immediately and refer to HR0580 – Code of Conduct.
    • If you are using a generic login, please stop immediately and contact the OIT HelpDesk at (865) 974-9900 to get a ticket created so the appropriate IT staff can help you get the proper and secure login you need.
    • And for those in research labs who require a shared account due to certain specific requirements, make sure you submit the UTIA IT0302F – Information Technology Plan Exception Request Form.
    • If your computer is found to have a generic login, please be aware that the computer may have to be disabled from network use until the proper login has been added.

Thank you all for everything you do every day to protect the Institute and its data. It is so nice to know how security aware you all are. And please remember you can contact me at any time if you have any questions or concerns. I am always here to help you!

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone has an email group for students who are not employees of your department, please let me know what that address is, and I can include it. I do this as a blind copy so student names and addresses will not show up!