Cyber security: A joint responsibility!
If we’ve learned anything from last year’s cyber attack, it is that a reliable digital network is vital. The university has worked hard to make the network more secure. We would like to inform you about the measures that have been implemented, but also about how each and every one of us can contribute to the cybersecurity of UM’s systems. Only by being alert to what is and is not sensible, and by avoiding unnecessary risks, do we make life difficult for hackers. They are only too happy to capitalise on naivety--but with the help of our ICT staff, we can outsmart them. We need to work together to preserve the security of our digital networks. Let us all stay alert and be aware of the risks!
Lock your screen if (even for a short time) left unattended!
Encrypt your data on your laptop, mobile devices and USB-devices!
Use different passwords for different accounts!
Report suspicious situations to Servicedesk ICTS. Disconnect your device from the network, but do not shut your device down!
Install all software security updates as soon as possible
“If the UM wants to survive Covid-19, a reliable digital landscape is crucial”
On 23 December last year, it became clear just how crucial UM’s digital network is. Education, research—the cyberattack struck at the very heart of the university. Following the release of the report by the Inspectorate of Education (Higher Education section), we asked Michiel Borgers, UM’s Chief Information Officer, to reflect on the cyberattack and look to the future.
“You know it can happen here. There are cyberattacks on companies and institutions every day, and of course it can happen to your organisation too. But still, when you get that call, you know something’s wrong—seriously wrong. We had a major problem. We threw everything we had at it to minimise the impact for staff and students. The report by the Inspectorate acknowledges this.”
What happened next?
“Obviously, we want to make sure it doesn’t happen again, so we’ve implemented a range of measures. Our Security Operations Centre now has two, soon to be three, dedicated employees who are continuously monitoring our security situation. They keep track of 1,650 servers, 9,000 workspaces and the remote-working environments. They check that systems are being updated and monitor technical signals. They pay particular attention to phishing and social engineering: hackers pretending to be someone else, like a seemingly credible helpdesk employee who asks for your passwords and login codes. We’re also constantly on the lookout for errors in our systems, because these are potential security holes. Fox IT supports us with this, monitoring our network using sensors.”
So we can rest easy again?
“Security is never done. Hackers are professionals; cyberattacks are their core business. And they’re very good at it. So 100% safety is an illusion. That’s why it’s so important to be—and stay—alert. As an organisation, and as an individual member of the UM community, you need to be aware that hackers are always looking for opportunities. Not all users are equally alert or watchful. Some can be a bit lax, not bothering to log out, for example, which is very important because updates are installed when you log in again, and those updates keep security up to date. We have to keep our wits about us and keep drawing one another’s attention to the dangers, because as a user you’re one of the weak links that hackers are targeting. Now, during the corona pandemic, it’s becoming clearer than ever how essential a functioning online environment is. Students and staff depend on it. For a teaching and research institute like UM, it’s a precondition to survive this crisis situation. Not to mention the potential damage, both financially and to our reputation, that could be done by a second hack. So raising awareness is crucial. Safe computing should become second nature to us, like road safety.”