Security at University of Michigan IT (SUMIT) 2020, ITS’s free annual event hosted during National Cybersecurity Awareness Month, goes online for SUMIT Reimagined. This series of informational events where members of the U‑M community can get help from IT experts on a variety of topics is entirely virtual this year. Check out a few of the events below and see… Read More »
Each October, ITS Information Assurance (IA) celebrates Cybersecurity Awareness Month by reminding members of the university community about their shared responsibility to protect themselves and the U and by sharing IT security and privacy tips.
In the course “Cybersecurity for Future Leaders” (EECS 498 / PUBPOL 475), students will gain a better understanding of the science, technology, public policy, and national security considerations behind cybersecurity in order to protect the very tenets of democracy. Election security will be one of the course’s six focus areas this fall 2020. The course is taught from… Read More »
From cars to space shuttles to drones, keeping vehicle electronics systems updated and free of security vulnerabilities is exceedingly difficult, according to Baris Kasikci, a professor of computer science and engineering. “It’s a little bit of a mess,” said Kasikci. “Traditionally, you fix the bug in the source code, you rebuild the software and you redeploy it. But… Read More »
Ransomware is on the rise and you have an important role to play in protecting U-M!!! Cybercriminals and other threat actors continue to ratchet up ransomware attacks on universities, healthcare providers, and other organizations. This summer Michigan State University and the University of California San Francisco, among others, have reported recent attacks. Ransomware attempts often begin with a… Read More »
You can no longer request two-year SSL server certificates from ITS. Web browsers and devices from Apple, Google, and Mozilla will not trust any two-year certificate issued after August 30, 2020.
Assistant professor of computer science Birhanu Eshete says he didn’t know what kind of response he’d get when fellow professor Di Ma asked if he’d try to get a student organization going to support their burgeoning cybersecurity program. So he started simple, sending out an email inquiry to gauge if there was any interest. Within a couple hours,… Read More »
Two prominent medical device organizations have announced a new collaboration to advance medical device cybersecurity practices across the entire medical device lifecycle. The Association for the Advancement of Medical Instrumentation (AAMI) and the Archimedes Center for Medical Device Security will work together to connect their networks of medical device and health technology management (HTM) professionals across the country.… Read More »
Although there are many benefits to the smart internet of things (IoT), like being able to ask a speaker questions and receive immediate answers, security and privacy for these devices remain a challenge. To address this, a team of researchers from seven universities will work together on a national research project on the life cycle of security, privacy,… Read More »
You know to be wary of phishing emails and phone scams, but did you know that crooks also send text messages to steal your identity and money? These scams, called “smishing”—the word comes from SMS + phishing—appear to be increasing during the COVID-19 pandemic. Warning signs Consider any unexpected text message from an unknown number suspect. Smishes may… Read More »
Given the current infodemic related to the COVID-19 pandemic, it is harder than ever to get your important university information through to the people who need it. People are rightfully suspicious of unsolicited email, but that can sometimes cause them to ignore or delete your important, legitimate communications. Focus on helping recipients verify the legitimacy of your U-M… Read More »
To better help you secure your unit networks, ITS Information Assurance (IA) is increasing the frequency of its universitywide scans and adding internal network scanning. As of May, universitywide vulnerability scans are now performed monthly instead of quarterly. The monthly scans will be similar to previous quarterly scans. The software begins by performing a TCP and UDP probe… Read More »
To find out why people adopt and then sometimes abandon online safety measures, researchers from the School of Information surveyed more than 900 people about their use of 30 commonly recommended practices to guard against security, privacy, and identity theft risks. The team found that security practices like avoiding clicking on unknown links or emails were much more… Read More »
On any given day in Kevin Fu’s laboratory at the College of Engineering research investigators might use an antenna to fool the lab’s sensor into giving a false temperature readings or a laser light beam to inject false voice commands in a voice-controlled assistant from a distance of 300 feet. Unlike many cybersecurity troubleshooters, Fu is not looking… Read More »
ITS Information Assurance has rapidly developed a number of new Safe Computing resources to help you practice and promote good IT security and privacy practices in this new normal: New on Safe Computing and in IT Security at U-M. New resources covering videoconferencing security and privacy, coronavirus scams, how to prevent Zoombombing, new videos, new entries in the… Read More »
Watch for tax fraud during extended tax season With tax filing deadlines extended from April 15 to July 15, the risk of tax fraud is extended as well. Be alert for fraudulent phone calls and emails from scammers pretending to represent the IRS. See Safe Computing: Beware of Tax Fraud for examples and more information. Watch for scams… Read More »
It is vital that you report actual or suspected IT security incidents as soon as possible so that work can begin to investigate and resolve them. This applies even when you are working from home. A new ITS Information Assurance (IA) video tells you where to report them (security@umich.edu), and describes how IA responds. For more detail about… Read More »
Across the world, working from home has become a necessity. When you are working from home, follow IT security best practices to protect yourself and U-M: Secure your computer, smartphone, and other devices. Secure your connections to protect data you send and receive. Beware of phishing, scams, fraud, and other tricks and traps. Protect sensitive U-M data by… Read More »
A newly announced Google Faculty Research award will fund a research project on developing better phishing warnings co-led by School of Information assistant professor Florian Schaub. Phishing attacks trick victims into clicking malicious email links to get them to disclose sensitive information such as personal data and passwords, or install malware. Building on prior work, Schaub says this project… Read More »
How can you help people in your unit become aware of their basic data protection responsibilities? Encourage them to take this new, university-focused online course from ITS Information Assurance: DCE101 U-M Data Protection and Responsible Use (in My LINC). The completely new course provides practical guidance and best practices. It replaces what used to be called “DCE101: Access… Read More »