As tragedies escalate in Europe, many have voiced concerns about a rise in cybersecurity attacks. On Feb. 25, 2022, Information Technology (IT) sent an email to the Southeast community regarding cybersecurity vigilance. According to the email, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are aware of these issues and are urging the public to be cautious of ransomware, keylogging, and device-takeover attacks.
Types of cyberattacks
SEMO information technology security officer Bill Green said there are three types of attacks currently aimed by hackers towards the United States and Europe.
Green said ransomware is a type of software that encrypts an individual’s data and leaks it. After encryption, the hacker will ask for ransom money in exchange for the decryption key.
He said another attack is keylogging. Keylogging is malware that could be installed or downloaded onto someone’s device. With this, the hacker can record every button pressed, recording the usernames and passwords to any account.
Green said device-takeover attacks occur if an individual’s usernames and passwords are leaked to the dark web. Hackers can then hijack accounts and commit fraud, steal credentials and take over the account.
Green said the best way to protect personal information is to have a multi-factor authenticator (MFA) set up on all accounts.
“If someone gets your username and password, that’s not ideal. But if you have two-factor or multi-factor authentication set up on your account, they likely can’t get that additional factor needed to get into the account,” Green said.
Green said students who use text messaging as MFA instead of Microsoft authenticator are not safe from hacking.
“I know a lot of the students on campus use the text message for their multifactor instead of using the Microsoft authenticator. The problem with [text message] is that it isn’t particularly secure, either. I really would encourage folks to use Microsoft authenticator or Google authenticator. Not just for someone on campus, but if they have an email account, banking or whatever the case may be….