During just one hour, from 6 to 7 AM on 9 October, 20 585 emails flooded into UIA’s large rubbish bin. Only 949 of these messages slipped through the net.
This article is more than two years old, and may contain outdated information.
The figures say something about the volume of spam which zips by in cyberspace. At the same time, it also says something about just how important it is to have updated filters that work to stop this flood. But still, some of those 949 messages that found their way through the UIA filters that morning were also spam.
UIA is doing more to stop spam and dubious clicks – now we are going to put up what is known as the “Cisco Umbrella”. More on that later.
“It is important to be attentive. Stop and think before you click,” says the security adviser to the ICT department, Annette Thorkildsen Osaland.
If you receive e-mails which you believe might be attempts at phishing, or contain viruses or other undesirable content, you can forward the message in question to the email address SPAM@uia.no. The message will be checked here, and the spam filter updated if necessary.
“UIA collaborates with the University of Oslo on anti-spam systems and updating filters,” says the team leader of UIA’s IT centre, Helge Høynes.
“The illustration shows the number of messages every hour – the green line shows the total number of messages delivered to the recipient, the blue line shows the number rejected because of spam, phishing or viruses – and which are therefore not delivered to the recipient,” says Høynes
On the afternoon of 17 October, the writer of this article received a phishing email which amply demonstrated that, however good the filters are, some do still get through. Several others have reported the same phishing attempt to firstname.lastname@example.org.
In the course of the last year, five people from UiA have been tricked by the Crypto-locker virus. It is easily done in one thoughtless moment, even if that moment provides several opportunities to stop – think – click.
It is far from certain that those behind the program, which locks your machine and demands money to open it up again, really do just that when the money is sent. So the rule is: Contact IT sooner rather than later if you have been so unlucky as to have had your machine locked. Do not pay!
But take precautions. There can be significant consequences, particularly if you have not ensured that your files have been saved in a safe place, such as in UIA’s cloud storage. UIA has backups of files there, and there is thus a good chance that your machine can be cleared – reset – and your files uploaded again.
One reason that cloud storage has been introduced is that UIA people can now retrieve their documents and save them in the usual way when they are far away from UIA, the office, or reading area.
“It is really important that everyone saves in the right places, so that you have a backup of your files. If you are unlucky and become a victim of this, it is important to report it as quickly as possible to IT-help, even if it can be embarrassing. It is important that we get started as quickly as possible with restoring your files,” says Helge Høynes.
Here is an example of one scam from winter. It had a relatively large impact. In this case, it was Telenor that experienced being misused:
If you let the mouse cursor rest over the link in the message, you will see that it does not go to www.telenor.no, but rather to http://tf4.telnor1.net/i80u.php?id=am9ybi5hLmNydWlja3NoYW5rQGFnZGVyZm9yc2tuaW5nLm5v
- something altogether different.
Here, the address is obscured, and those who are particularly attentive will notice that the country code is .pl – in other words Poland – and this should indeed arouse our suspicions. So, therefore: Always check the sender’s address before you open it.
If you did, nonetheless, choose to open it, the following picture comes up.
UIA puts up the umbrella
“Cisco Umbrella” is the name of a new security solution which UIA has now introduced. The umbrella helps further in the battle against becoming an unfortunate victim when clicking on addresses or URLs.
Here is IT security adviser Anette Thorkildsen Osaland’s description of UIA’s new umbrella:
Today’s challenge is to protect ourselves against malicious software, phishing attacks and ransomware viruses. We are all dependent on digital solutions, and digitalisation is in a state of rapid growth. Many might think that cybercrime is not something that affects them, but the fact is that digital threats concern us all.
Cyber criminals are utilising more advanced and sophisticated methods than we have seen before, and they operate in a highly professional manner.
Those who carry out attacks tend to target the weakest link, in other words ourselves – humans. It can as a result be difficult to distinguish between what is real and what is an attempted attack.
We try to protect computers with technical solutions, but the most important of all is that we, as users, exercise vigilance. This is about protecting ourselves by detecting and blocking threats before the damage has been done, and therefore UIA has resolved to make use of a solution which helps us with this.
The product “Cisco Umbrella” is, simply put, a solution in which the addresses we click on will be checked against a large database, and access will be blocked if they transpire to be known phishing/malware sites. This increases data security and provides better protection for staff and students at UIA.
It is important to pinpoint in this context that privacy is maintained and that the logs are not traced back to individuals.
Cisco Umbrella provides us with:
- Protection from harmful programs without affecting user-friendliness
- A reduction in the number of infections/successful cyberattacks/encryption of data
- A swifter response to incidents
- Security in depth – several layers of security
Questions about Umbrella? Contact IT help if you are uncertain about anything.
“Nobody should be afraid to report breaches of security. We are definitely not out to take people down”, says UIA’s IT security adviser, Anette Thorkildsen Osaland. “The reports help us to gain an overview of the security situation at UIA, whilst they simultaneously help us with our preventive security work.”
Security at UIA is not stronger than the weakest link. So it is important that we find what this is in order that we can become stronger together.
“And this is where reports about breaches in security are an important tool,” says the IT security adviser.
Check that you are following UIA’s IT regulations, which take care of information security: Summary page.
“All telephones with an UIA email must be able to be wiped from Outlook if there is a crisis. But it can take a while before you realise that your mobile has gone” says the head of UIA’s IT centre, Helge Høynes.
Cloud storage, remote storage or synchronisation services – one good thing can have many names. These are services of the type iCloud, Dropbox, One Drive and others are about. “The cloud” with its storage space is of the type of information storage installation such as is now being built at Støleheia, in Vennesla.
“Regardless of anything else, it is extremely useful to have saved an updated copy of content in a mobile phone, tablet or PC if you have been so unlucky as to have lost one of these,” says Høynes.
At UIA, OneDrive is used as the cloud storage service, both for users of Windows 10 and Mac. This means that the PC automatically saves content in the cloud. But other mobile devices must be configured for cloud storage – in other words, they must be synchronised with the cloud.
Read more about cloud storage on Aftenposten.no: (Be aware that the terms and conditions can often change).
See Telenor’s website for remotely deleting mobile data: How to remotely wipe your mobile
Or for Apple products: See iCloud: Delete your device:
To be on the safe side – this is made especially for security at universities and university colleges. It is a new page – opened Monday 2 October – and is ready with many good pieces of advice and tips.
October is a security month for all government agencies – this means that extra focus will be placed on security. It does not mean that security is something to think about only in October – but this month should be used by everybody to work out good security routines for daily life. And these must be put into practice every day throughout the whole year.
The national security month has been arranged today for the seventh time. The campaign is coordinated by the Norwegian Centre for Information Security (NorSIS), which is a part of the government’s holistic focus on information security in Norway. NorSIS is technically subsidiary to the Ministry of Justice and Public Security.
NorSIS runs Slettmeg.no – with free advice and guidance services for you if you feel that you have been infringed upon online.
Nettvett.no – Information, advice and guidance about more secure use of the internet and social media. It also provides advice about protecting mobiles and computers etc.
The Norwegian National Security Authority (NSM) is Norway’s expert agency working with information and object security, and it is the national academic group for ICT security. The directorate is a national reporting and coordinating authority for serious information breaches and other ICT security incidents.