On Jan. 9, Southern was the victim of a minor cybersecurity breach triggered by a phishing email sent to students and faculty.
The University responded quickly, providing investigative services and notifying those involved.
“We had a phishing email that did get passed the filters and people clicked on it and responded to it,” said Chief Information Officer of the Information Technology Administration, Al Stadler. “It did expose some data and we’re just trying to improve, like after every situation, and I think we’ve done a decent job at that.”
Since the breach, IT Administration has increased security by seeking out weaknesses and improving them. The department concentrated on conducting training and spreading cybersecurity awareness.
“Anytime that something like that happens, you review what you’ve been doing and then you find ways to modify and increase your effectiveness. In our case, we went ahead and did some additional training for campus users and we’ve looked at increasing our filters, basically an email firewall,” said Stadler. “We take it very seriously here at Southern. It’s something that we’re always evaluating and adjusting.”
The IT department plans to implament new precedures in the next couple months in order to prevent another attack.
This includes deactivating email accounts from students who haven‘t been enrolled in classes after 18 months.
The unused accounts would be prime targets. Students who have old school emails will receive an email warning before being deactivated.
Stadler urges students to “be careful” to avoid being vulnerable towards cyber attacks. Stadler suggests that students exercise caution regarding unverified sources and giving out personal information, as well as being agile when it comes to password protection.
“Don’t fall for those things. Microsoft is not going to call you. The IRS is not going to call you. Be mindful of your privacy. [When] signing up for new accounts, don’t use the same passwords as others accounts that you’ve used. Because if that accounts gets compromised, then they can get into other ones,” said Stadler.
Stadler focused on the importance of awareness and acting responsibly online to avoid cyber attacks.
“The future’s going to be a lot of education. It’s going to be a lot of awareness training,” said Stadler.
Improved cybersecurity for the University depends on the alertness and online consciousness of every individual.
The IT Administration asks that students contact the Help Desk at room 224 in Plaster Hall if they receive any suspicious emails.