The COVID-19 pandemic has triggered many changes in the way we live, work and socialize. Augusta University was not exempt from this and in March asked faculty, staff and students to carry on with their regular work and studies, but to do so remotely. This change seems to be the new normal.
For the last two months, employees have been dealing with new challenges associated with schooling their children or caring for an ill loved one — all while completing their usual work from home. Many are stressed, tired and possibly distracted at times.
All these new distractions have the potential to cause an increase in cybersecurity issues for our organization.
One of the things that sets Augusta University apart is its dedicated Cyber Defense Team that even before COVID-19, was working diligently behind the scenes protecting our institution from cyber threats.
According to Dr. Heather Roszkowski, Augusta University’s AVP of cyber defense and chief information security officer, we are facing many of the same issues we were previously, but on a more frequent scale.
“First, when you take the majority of an organization and change the way they use technology to work, then there is a higher probability of something going wrong. Second, with remote work, the reliance on technology becomes even more important; making the impact of a technology-related event even more detrimental,” Roszkowski said.
Augusta University’s Cyber Defense Team is working countless hours to keep our institution and its data safe and secure. COVID-19 creates another opportunity for cybercriminals to take advantage. Many of the precautions put into place before COVID-19 are still being used to keep us cyber safe, such as multifactor authentication (DUO), virtual private networks (VPNs), device upgrades, email security and many more.
Rodney Arthur, director of cybersecurity operations, explains why Augusta University could become a target and how to protect ourselves.
“The FBI put out a report last week stating that institutions such as hospitals and universities that are involved in COVID-19-related research have become targets of state-sponsored attackers,” Arthur said. “COVID-19 is in the news, and Augusta University is in the news because we are heavily involved in COVID-19-related testing and research, so this has the potential to make us more vulnerable by being specifically targeted. A pandemic is a great opportunity for cyber actors to take advantage.”
The Cyber Defense Team has seen an increase in malware and phishing emails, especially spear-phishing emails. These are all things we deal with every day. To protect ourselves against them, it will require each employee to act as a human firewall, to diligently take the time to review and verify emails.
“According to the University of System of Georgia, there has been a 700 percent increase in COVID-related spear-phishing emails,” Arthur shared.
Cybersecurity is everyone’s responsibility and it is going to require everyone to keep our institution and its people cyber safe.
First, if you have not already, complete your cybersecurity training. It will prepare you for situations you may face and how to deal with these situations.
Second, take advantage of security controls:
- Be sure your home wi-fi is safe and secure.
- Use strong passwords, and change them often.
- Use a secure remote connection for AU-related work.
- Maintain updated anti-virus signatures for all computers and devices.
Third, double-check and verify emails, both internal and external.
“Take the extra time to think, could this email be fake? We need to have an appreciation for the fact that there are people out there trying to steal from us. Trust, but verify,” Roszkowski said. This second look can help cybersecurity efforts tremendously.
Overall, AU’s Cyber Defense Team said though this time may be unusual for most, for them, it is business as usual. Threats change every day and are always out there. But if we all work together to remain diligent and take the time for a second look, we can all continue to remain cyber safe.