Kansas State University

search

IT News

Category: Security

Get involved with National Cyber Security Awareness Month (NCSAM)

October marks the fourteenth annual National Cyber Security Awareness Month (NCSAM) sponsored by the Department of Homeland Security. The goal of NCSAM is to increase the awareness of the cyber security landscape and to bring awareness to various strategies we all can use to keep our information protected. It is our shared responsibility to protect ourselves, our colleagues, our family members, and K-State’s valuable information and technology resources.

In this video, President Myers weighs in on the importance of cyber security to stay safe online.

Continue reading “Get involved with National Cyber Security Awareness Month (NCSAM)”

LISTSERV policy change goes into effect Oct. 2

by Information Technology ServicesStop Spam image

Currently, email from K-State LISTSERV mailing lists bypass Spam check procedures. Beginning Monday, Oct. 2, LISTSERV emails will go through the same Spam check in Office 365 along with the rest of our university emails. Information Technology Services (ITS) will only  bypass emails from the spam checks if a reasonable case can be made for the need. The goal is to reduce K‑State’s exposure to spam and allow the spam protections in Office 365 to do their job.

You should periodically check your Junk Email folder to make sure
you are not losing important, safe emails. After Oct. 2, be sure to

look for messages from your LISTSERV lists in your Junk Email folder. If you find any, fill out this form to request a global settings change that will move those emails from your Junk Email folder into your Inbox folder instead. Requests will be considered on a case-by-case basis for approval.

If you have questions, contact Greg Dressman, director of Enterprise Server Technologies, dressman@ksu.edu.

K-State data-storage options

data storage imageby Information Technology Services

Faculty, staff, and researchers create and consume data on a daily basis. Keeping that information safe is vital, which requires good data storage to safely backup the information and to distribute data quickly when required.

K-State offers three data-storage options for storing and backing up your computer files. Each option has a unique combination of features so you can tailor your choices to your specific needs. These options are centrally supported and documented, and each is a secure mechanism for storing and retrieving your files. Continue reading “K-State data-storage options”

Faculty/staff: Keep your data safe with CrashPlan

Crash Plan imageby Information Technology Services

CrashPlan, an alternative to traditional computer backups, is available by subscription for faculty and staff. CrashPlan will back up files on your workstation, laptop or desktop computer in a continuous, invisible, uninterrupted manner, and send you a periodic report of the status of your backup. CrashPlan encrypts your data, and then backs the data up to the cloud. Continue reading “Faculty/staff: Keep your data safe with CrashPlan”

Change to K-State’s LISTSERV whitelisting policy

by Information Technology Services

To help ensure proper delivery of emails to your K-State Inbox, Information Technology Services (ITS) maintains an Approved or Safe Sender whitelist. A whitelist is a list of email addresses, domains, and IP addresses which will not be blocked by K-State’s spam filters.

Whitelisting introduces additional cybersecurity risks. Spammers take advantage of whitelisting which makes our K-State inboxes more susceptible to spam, phishing scams, and viruses. Spammers create spoofed emails from whitelisted email addresses, domains, and IP addresses, which will make their way to your Inbox. When you click on the spoofed emails and links, you will unknowingly expose the K-State network to viruses and harm.

Previously, email from K-State LISTSERV lists were whitelisted. Now, LISTSERV emails will go through the Spam check in Office 365, and will not be whitelisted. ITS will only whitelist emails that have a business need. The goal is to reduce K-State’s exposure to spam and allow the spam protections in Office 365 to do their job.

The whitelisting change will go into effect Oct. 2. After this date, periodically check your Junk Email folder to make sure you are not losing important, safe emails. If you are losing important emails, fill out this form to request a global settings change that will move those emails into your Inbox instead. Requests will be considered on a case-by-case basis for approval.

If you have questions, contact Greg Dressman, director of Enterprise Server Technologies, dressman@ksu.edu.

Update on WannaCry ransomware

On Monday, May 15, Information Technology Services (ITS) scanned the K-State network for the Microsoft patch for the MS17-010 SMB vulnerability dated March 14, 2017. More than 560 Windows systems did not have the patch, which made them vulnerable to the WannaCry Ransomware. This malware, and its variants, infect systems, encrypt all files, and then require a ransom to “unlock” the files.WannaCry Ransomware update

ITS and campus system administrators immediately began applying the patch. Within a week, the number of vulnerable systems was reduced to about 80, which were blocked from the K-State network until the patch was applied.

The focus now is on reducing/eliminating unpatched University-owned systems and unpatched systems using the VPN to tunnel into campus. This will minimize the negative impact if a system is brought onto campus, becomes infected, and spreads the malware. ITS will continue to scan the network and block machines.

If you need assistance contact your technical support staff or the IT Help Desk 785-532-7722.

Update on K-State response to WannaCry ransomware

On May 15, initial scanning of the K-State network for the WannaCry Ransomware threat identified over 560 vulnerable Windows systems. In collaboration with system administrators from across campus, there are now fewer than 100 vulnerable systems.

However, K-State continues to be at risk for infection due to vulnerable Windows systems. As of 5:00 p.m. May 25, vulnerable Windows systems were blocked from the K-State network as per University policy.

Faculty, staff, and students who use those systems will NOT be able to access the network (wireless, email, Library databases, HRIS, shared drives, etc.) until their systems are patched and complete a security scan. Guests coming to campus also need to have their computers updated and patched.

Information Technology Services thanks system administrators for their quick response and assistance to protect against this vulnerability. For questions about the vulnerability, contact the IT Help Desk at 785-532-7722.

Hosting guests on campus? Remind them to update their MS Windows machines

Hosting guests on campus? Inform them about the ransomware vulnerability, WannaCry, and ask them to have the latest software updates applied on their computers.
WannaCry Ransomware: install windows updatesK-State continues to monitor the network for the ransomware campaign referred to as WannaCry. Unpatched machines, or computers without the latest security updates, coming onto campus are a risk to our network. This is especially concerning with the number of conferences, camps and orientation occurring on campus during the summer months. Therefore, all computers running the Microsoft Windows operating system must have the latest updates applied.
The specific Microsoft update is MS17-010 SMB vulnerability dated March 14, 2017.
Throughout the summer, the network will be scanned daily. Machines without the updates are subject to being blocked.
Guests can contact the IT Help Desk for assistance at 785-532-7722 or helpdesk@k-state.edu.

Ensure your computer is patched with the latest Windows updates

To ensure that your computer is patched to mitigate the WannaCry Ransomware threat and other vulnerabilities, K-Staters on and off campus can set their computers to automatically apply the updates. Information on how to update your computer is available from K-State’s Software Update Service for Windows. K-Staters are encouraged to periodically restart their systems to complete the installation of system updates.

If you need assistance applying the patch, please talk to your technical support person or the IT Help Desk at 785-532-7722.

190 scams and 75 compromised accounts since Sunday!

During this time of the semester, K-State gets hit hard with email scams. There have been 190 scams reported since Sunday resulting in 75 compromised accounts.

What can you do?

Stop and think before you click. YOU are the best defense against these scammers.

If something looks suspicious, do not click on the link. Period. You stop the scammers right in their shoes.

Be really suspicious of emails in your junk folder. Normally, it’s in the junk folder for a reason. When in doubt, throw it out! Continue reading “190 scams and 75 compromised accounts since Sunday!”