“Heartbleed” Website Security Regarding UNC-CH

April 11th, 2014 | In IT Security, News


Many computers that provide access to Internet content, including those on UNC networks, are vulnerable to an Internet security exploit called “Heartbleed.” The bug affects software that a majority of secure websites (those that start with “https”) use to encrypt personal and sensitive information in an attempt to secure it. When exploited, the software bug allows hackers to bypass the encryption and view protected communications, such as usernames and passwords. Once University personnel became aware of the vulnerability, they immediately began patching affected central systems.


University investigates data breach, notifies affected people

December 10th, 2013 | In IT Security, News
Update 12/23/13: The University is offering people affected by this incident the option of a one-year subscription to a credit monitoring service that monitors activity at all three credit bureaus, at the University’s expense. The University is notifying these people directly by mail in early January 2014 about how they can pursue this option.

Carolina officials are investigating a data breach that risked unauthorized online access to personal information concerning some current and former employees, vendors and students. It is believed that more than 6,000 people are affected.

On Nov. 11, an information technology manager in the Division of Finance and Administration was informed that some electronic files managed by the Division of Facilities Services inadvertently became accessible on the Internet. The files contained names and Social Security or Employee Tax Identification numbers, and in some cases, addresses and dates of birth.


Cybersecurity and Critical Infrastructure (National Cyber Security Awareness Month – NCSAM)

October 28th, 2013 | In Features, IT Security, News

The Internet impacts our daily life, even when we’re not directly using it. The Internet underlies our educational systems, financial transactions, transportation systems, electrical grid, emergency response systems, and nearly every facet of the essential services we use every day. The final week of NCSAM highlights the need to take every step necessary to protect our critical infrastructure.

No individual, business, or government entity is solely responsible for securing the Internet. Everyone has a role in securing their part of cyberspace, including the devices and networks they use. Individual actions have a collective impact, and when we use the Internet safely, we make it more secure for everyone. If each of us does our part (implementing stronger security practices, raising community awareness, educating the next generation, and training one another), together we will be a digital society that is safer, more resistant to attacks, and more resilient should one occur.

The final week of NCSAM closes with a simple message everyone using the Internet can adopt: STOP. THINK. CONNECT. Take security and safety precautions, understand the consequences of your actions and behaviors online, and enjoy the benefits of the Internet.

Cyber Education and the Next Generation of Cyber Leaders

October 21st, 2013 | In Features, IT Security, News

Week four of NCSAM focuses on Cyber Education and the Next Generation of Cyber Leaders.

In order to be secure, we need individuals who can use the Internet safely, securely, ethically, and productively, and we need to build a workforce of cybersecurity professionals to defend our networking infrastructure. We can be successful if we teach everyone the essentials and reach the next generation of cyber leaders at an earlier age.

In keeping with the theme of Cyber Education, UNC’s Information Security Office (ISO), a division of Information Technology Services (ITS), will host a Cyber Security Town Hall style meeting from 2:00 p.m. – 3:00 p.m. in the Global FedEx Building, Auditorium 1015, on Thursday, October 24.


Give a hoot, please reboot

January 30th, 2012 | In Bulletin Board, IT Security, News, Spotlight On, The Hub

Computer operating system (OS) providers generally issue OS patches on a monthly basis, though urgent critical updates are released in addition to and sometimes out of cycle with the standard patches. Rebooting your computer(s) is an important step in applying these patches.

After a patch is installed, a reboot is required before future patches can be applied. Most patches will also not be ‘active’ until the reboot. You will be prompted to reboot (if nobody is logged on, the reboot is automatic). If you power down at the end of the day, that is the same as a reboot and is sufficient. Again, if you don’t reboot or power down at some point after a patch is installed, then future patches won’t be installed and your computer will not be secure!

So, please reboot to safeguard your computer and the University’s data. A good rule of thumb is to reboot at least once per week.

Conrad, Marinshaw and Waddell author ECAR research bulletin

November 11th, 2011 | In Bulletin Board, IT Security, News, Spotlight On

A new research bulletin, Protecting the Security of Research Data, has been published by the EDUCAUSE Center for Applied Research (ECAR).

Authored by Larry Conrad, vice chancellor for information technology; Ruth Marinshaw, assistant vice chancellor for research computing; and Stan Waddell, executive director and information security officer, the publication discusses an overarching approach by which campus IT solutions can be architected and deployed to provide adequate management of research data assets without hindering the research process.

UNC-Chapel Hill faculty, staff and students are authorized to access this publication by creating and using an EDUCAUSE login.

The EDUCAUSE Center for Applied Research (ECAR) provides research and analysis to help higher education leaders make informed decisions about information technology. ECAR assembles leading scholars, practitioners, researchers and analysts to focus on issues of critical importance to higher education, many of which carry increasingly complicated and consequential implications.

Phishing arrives via phone, text or email

November 3rd, 2011 | In IT Security, News, Spotlight On

Beth McGuire was at her desk at the Ackland Art Museum when she received the call on her work phone.

“The person told me that they represented Microsoft Outlook and that they were calling to warn me that my computer had a virus. They had been told to help me get rid of it. I was instructed to go to a specific website. They were very clear that if I did not take immediate action, my computer could crash at any moment and I would lose everything.”

McGuire, who works at the Ackland as a museum educator, suspected that the story didn’t add up.

“First, I asked for more specific information – their name and if they were from ITS (Information Technology Services). But they didn’t respond to those questions so I just told them I would have someone on campus take care of it.”

McGuire then called 962-HELP.

According to information security manager Judd Knott, McGuire did everything right.

“She is the poster child for how to respond to a phishing attempt.”

According to Knott, if McGuire had gone to the website, she would have been asked to click on a link, which in all likelihood would have infected her machine with malware or a virus.

Instead, following directions from an ITS Response Center (ITRC) representative, McGuire ran a full scan of her machine, opened her Symantec antivirus program (which was up-to-date and the latest version) to view the risk log, and confirmed that there were no risks present on her machine. The ITRC then forwarded the matter to the Office of Information Security, which also confirmed that McGuire’s machine was risk-free.

“Phishing telephone calls are relatively rare but not new – they actually date back to around 2006,” explained Knott. “If you receive an email, text or phone call that asks you to go to a website and click on a link or download something, be suspicious. Hang up and call 962-HELP immediately.”

Although McGuire noticed that there was no Caller ID information given on the call, Knott cautions that Caller ID can be faked.

“It’s insidious,” said McGuire. “It’s disappointing that people will go to such lengths.”