Information Technology Center informs campus with “cyber security awareness month”

Information Technology Center informs campus with cyber security awareness month

As the university observes breast cancer awareness month, the Information Technology Center (ITC) has dubbed October "cyber security awareness month" in an effort to promote a greater understanding of cyber security.

For nine years, cyber security awareness month informed students about the dangers of cyber intrusion and encouraged them to be aware of phishing and spam emails. For the second straight year, ITC is focusing on students' responsibility to stay safe online.

Lenelda Pennington, a university information security engineer, said it is all about paying attention. 

“It’s kind of hard to understand, but I think it’s just the fact that people are in a hurry,” Pennington said. “They know they need their email and they’re not paying attention. Everybody is multitasking and we’re not that good at multitasking as we think we are.” 

This year, ITC plans to use the motto “Stop. Think. Connect." in order to decrease phishing incidents. As a result, Pennington said more people have been reporting phishing emails.

“It has increased this year – especially this semester,” Pennington said. “We are getting a lot more reports because students are starting to recognize it a lot more.”

According to statistics provided by ITC’s intrusion software, IronPort, the university had a total of 18.3 million incoming emails for this past September. Of these, over 14 million were categorized as threats and prevented from invading mailboxes, according to IronPort.

“One day in August we had 1.2 million incoming emails,” Pennington said. “We kind of average around 700,000 emails coming in a day. Eighty-two percent of the mail messages did not get to mailboxes. Think about [how many emails] you get and add 82 percent more. These are stopped as invalid recipients.”

Pennington added that students' biggest concern should be the links they click. 

“Even just from the first of school, we’ve had probably 20 people who have clicked on links and have given up their passwords or went to that website,” Pennington said. “Students should always be paying attention. If students do this, it helps to protect them and helps to protect their computer.”

David Kinch, another information security engineer at the university, said he agreed with Pennington that students need to be suspicious of the messages they receive and to not be in a rush. 

“[Students] want to create this sense of urgency with the message and make it feel like they have to act quickly, when in reality they need to take pausing moments and think about the message itself.”

Kinch said students who understand cyber security have made a huge difference in preventing future computer scams.

“As that information is reported, it helps fellow students and helps others in the university environment. Sometimes that message is only going to a handful of people,” Kinch said. “If none of the people report it, then you might not have any indication that that message came in out of all the messages you receive in a day.”

Kinch added that students need to be extremely cautious about following links out of curiosity. 

“What we are certainly seeing is you have huge amounts of messages that are trying to trick you to following them. Not because they want you to type in information, but because they want to install software on your computer,” Kinch said. “For me, that’s the piece that people need to be aware of.”

Some students said they find the phishing tips to be very useful, but other students do not pay much attention to them. 

Andrew Elam, a senior film, television and digital media major, said the phishing tips promote awareness and allow students to be prepared.

“It allows us to better prepare ourselves to not fall into traps,” Elam said. He added that as technology progresses, more people become vulnerable to computer scams.

“It’s not only a problem with the university but it’s a world problem as well,” Elam said. “I think that people need to take some time and not really ignore them.”

Elam said a lot of students do not know about cyber security tips.

“As the student body, we are so consumed in our own lives. When you see an email about school and cyber security and phishing, it’s not something you jump at,” Elam said. “But they need to.”

Melinda Peters, a senior marketing major, said she stopped reading emails about spam and phishing tips as a freshman. 

She also said she is not alone in disregarding them. 

“I think that no one looks at them- some people probably don’t know what phishing is,” Peters said. “Because we get a million emails a day, the last one we want to look at is one about phishing.” 

Peters and others like her are the audience the ITC is trying to reach. 

“This year we are back on to ‘watch out for this’,” Pennington said. “Stop, think, then connect.”