We are all targets for cyber-attacks

Many people mistakenly believe they are not a target for cyber attackers: that their data or accounts are not valuable. This could not be further from the truth. If you use technology, at work or at home, you are a worthwhile target. But you also have the best defense there is against these attacks–you. 

Why they target us 

Attackers have different motivations and believe that by hacking you they can achieve their goals. Here are two common examples of types of attackers and why they target us: 

Cyber Criminals: They are motivated by money, and the internet ensures they can easily target a broad audience. There are MANY ways they can make money from you including 

    • stealing money from your bank or retirement accounts 
    • creating a credit card in your name and billing you  
    • using your computer to hack other people 
    • hacking your social media or gaming accounts and selling them  

Targeted Attackers: These are highly trained cyber attackers, often working for governments or criminal syndicates. You may feel your job would not attract much attention, but you would be very surprised. 

    • The information you handle at Drake has tremendous value.  
    • You may be targeted to get to a colleague or system you access. 
    • They may target you because of organizations Drake works or partners with. 

The myth: I use an antivirus tool, I’m safe 

Our suite of security tools prevents these attacks from being successful, right? Unfortunately, that’s not always true. Cyber attackers constantly improve their methods to bypass detection and protection technology. If they create new malware, it can spread undetected. Customized phishing attacks bypass email filters, and phone calls can trick you out of your credentials or money. Technology plays an important role in protection, but YOU are the best defense. 

Slow down and take a close look at emails that are particularly urgent, odd, or suspicious. Use a strong, unique passphrase for each of your accounts. Staying cyber-aware is ultimately your best defense.  

I invite you to email informationsecurity@drake.edu to continue this conversation or to report any suspected attacks. ITS will continue to provide phishing education in July using simulations of common attack methods. 

—Peter Lundstedt, ITS