[Orgvpdue] [Tech-bulletin] Notice of State-Sponsored Hackers Targeting COVID-19 Research & Vaccine Development

Fri Jul 24 09:36:24 PDT 2020

Please note the security message below from our campus Information Security Office regarding an increase in hacking campaigns, especially now during our remote working situation. The one below is specific to COVID-19 related research, but I have seen an increase in phishing emails targeting the general campus community. Please take extra care before opening emails and clicking on links.

-Israel

From: CITL <citl-bounces at lists.ucr.edu<mailto:citl-bounces at lists.ucr.edu>> on behalf of UCR Information Technology Solutions <tech-bulletin at lists.ucr.edu<mailto:tech-bulletin at lists.ucr.edu>>
Dear Campus Community:
The Cybersecurity and Infrastructure Security Agency (CISA), UK’s National Cyber Security Centre (NCSC), Canada’s Communications Security Establishment (CSE), and the National Security Agency (NSA) released a Joint Cybersecurity Advisory<https://www.ncsc.gov.uk/news/advisory-apt29-targets-covid-19-vaccine-development> regarding new targeted hacking campaigns.
This alert warns that state-sponsored malicious actors are targeting organizations and researchers conducting COVID-19 research and vaccine development. This threat is new and separate from the state-sponsored hacking advisory announced<https://insideucr.ucr.edu/announcements/2020/05/18/its-advisory-protecting-against-hackers> in May.
State-sponsored malicious actors are typically well-funded, sophisticated, and highly motivated. With this being the case, it’s important to ensure that we all do our best to keep our data safe and our research uninterrupted.
The ITS Information Security Office is working diligently to address the alert and keep the UC Riverside campus community safe. However, as many of us are working remotely, attackers are taking advantage of less secure networks and targeting users at home.
We’re asking you to maintain vigilance as our partners against malicious actors.
Here are some steps you can take to keep UC Riverside research and data safe:

  *   Take extra care before opening emails or clicking on links that seem suspicious. If it looks odd or too good to be true, it probably is. Email phishing is a very common method hackers use to access protected systems. Read our blog post about how to spot phishing<https://its.ucr.edu/what-to-do-if-you-suspect-email-phishing-at-ucr>.
  *   Be sure to use UCR’s Virtual Private Network (VPN) when working. You can find VPN guidance in our ITS Knowledge Base<https://ucrsupport.service-now.com/ucr_portal/?id=kb_article&sys_id=e641c6251bca1c909c0b844fdd4bcbe0>.
  *   Ensure your devices (work and personal) are running the latest software updates. This includes updating your mobile phones, tablets, computers, Wi-Fi routers and any other Internet-attached devices.
  *   Protect your personal email accounts by enabling multi-factor authentication. (Hackers often target personal email accounts.)
  *   Work with your department’s IT service providers to make regular backups of research data.
  *   Keep ITS in the loop! If you receive a suspicious email, send it as an attachment to abuse at ucr.edu<mailto:abuse at ucr.edu> (find step-by-step instructions<https://ucrsupport.service-now.com/ucr_portal/?id=kb_article&sys_id=317415081b2784949c0b844fdd4bcbb5> in the Knowledge Base). Sending the original email as an attachment instead of forwarding the email allows our Security office to better investigate the issue and improve our security measures.
For more tips and information, visit https://keepworking.ucr.edu<https://keepworking.ucr.edu/> and https://keepresearching.ucr.edu<https://keepresearching.ucr.edu/>.
Thank you for your attention to this important matter.
Information Technology Solutions
University of California, Riverside
ITS.UCR.EDU<https://its.ucr.edu/>
[Description: Description: cid:image001.gif at 01CCA60B.7849B810]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ucr.edu/pipermail/orgvpdue/attachments/20200724/8a50a3a2/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.gif
Type: image/gif
Size: 3186 bytes
Desc: image001.gif
URL: <https://lists.ucr.edu/pipermail/orgvpdue/attachments/20200724/8a50a3a2/attachment.gif>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ATT00001.txt
URL: <https://lists.ucr.edu/pipermail/orgvpdue/attachments/20200724/8a50a3a2/attachment.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ATT00002.txt
URL: <https://lists.ucr.edu/pipermail/orgvpdue/attachments/20200724/8a50a3a2/attachment-0001.txt>