Alert: Increased State-Sponsored Cyberattack Activity
The U.S. Cybersecurity and Infrastructure Security Agency is warning U.S. organizations to beware of a possible rise in state-sponsored cyberattacks.
Syracuse University’s Information Security team within Information Technology Services (ITS) has not detected any marked increase in activity over the past week but continues to monitor for and prevent attacks. One of the most effective paths for an attacker to gain a foothold on the Syracuse University network is through phishing emails and other social engineering techniques.
ITS encourages all members of the University community to be mindful of and prepared to respond to cyberattacks. The tips below will help community members identify phishing emails and attempts to bypass multi-factor authentication (MFA). Additionally, there is information relating to taking the University’s required annual Information Security Awareness Training for faculty and staff. Please take a few moments to review the critical information below.
Don’t Fall Victim to ‘MFA Fatigue’
Attackers have been forced to shift their strategy since the University adopted multi-factor authentication to access key resources. Once an attacker compromises a Syracuse University NetID/password through phishing or other attacks, they repeatedly attempt to log in to University resources, generating multiple MFA requests on the compromised user’s phone or mobile device. The aim is to “wear out” the victim until they approve an MFA request just to silence their phone or device, which gives the attacker access. If you have not explicitly attempted to log in to a system, do not accept an MFA request on your phone or device. Contact your IT Support Staff or the ITS Support Center to report fraudulent MFA requests.
When in Doubt, Don’t Click
To protect yourself from phishing attacks, ask yourself these questions the next time you receive a suspicious email:
- Was I expecting the document or link? Be suspicious of unexpected emails sharing documents and links. If you are not sure, contact the sender (preferably via text message, phone or an alternative email address) and ask if they shared a document with you.
- Do I know the person sharing it? Consider the message suspicious if you do not know the sender. Remember, phishers often use compromised accounts to send their messages. They also can forge the sending address. If you feel at all unsure, call the sender at a known number to confirm they sent the information.
- Can I identify the attached document before opening it? Is it clear from the document title and message what the document is and why it is being shared? Phishers often send vague messages stating a document has been shared with you. They rely on your curiosity to open the document. Do not open a suspicious shared document if you are at all unsure of what it is or who sent it.
- Does the product or offer seem too good to be true? Beware of emails promising financial gain, quick fixes or easy solutions, as these are likely phishing attempts.
Take Required Information Security Awareness Training for Faculty and Staff
Taking the University’s required annual Information Security Training is one of the best ways for faculty and staff to increase their knowledge and protect their own and the University’s information. The training is available through March 31 and can be accessed by logging in to MySlice, selecting the “Employee Resources” tile and then selecting the “Security Awareness Training” tile. The training is self-paced and takes approximately 30-40 minutes to complete.