Cybersecurity Awareness Month 2022

October 1, 2022 | News & Announcements

October is Cybersecurity Awareness month! The month was originally created by the National Cyber Security Alliance and the Department of Homeland Security. Feel free to check out the events and resources listed below.

Giveaway: Win a $50 UCI Bookstore (“The Hill”) Gift Card!

Complete the quick security quiz and be entered into a drawing for one of three $50 UCI Bookstore (“The Hill”) gift cards! Winners will be picked at random at the end of the October and contacted through email. Participants must have a UCI Gmail account and can only enter in once. You do not have to get all the questions right in order to participate in the drawing and you must be UCI-affiliated to win. Quick Security Quiz Link

Events

Cal-CSIC Presentation – “Education Sector: Back-to-School for Cyber Criminals Too”

Description: The presentation will cover an introduction to Cal-CSIC, the current cyber threat landscape for the education sector for both K-12 and higher education, and go over some current threat trends with a part on mitigation.

Yu Chao is currently a Cyber Threat Warning Analyst with the California Cyber Security Integration Center (Cal-CSIC) embedded with the Los Angeles Joint Regional Intelligence Center (LAJRIC). In addition, he is a Cyber Threat Intelligence (CTI) analyst with the California Army National Guard’s (CAARNG) 171 Cyber Protection Team (CPT). Yu has over 19 years of experience in the military; bringing a wealth of knowledge from assignments focused on Signals Intelligence (SIGINT), all-source fusion analysis at various eschelons, to Emergency Management support through Defense Support of Civilian Operations (DSCA) operations. Yu holds a B.S. in Diplomacy and International Relations from Seton Hall University, and is currently pursuing a Masters In Cybersecurity Engineering at the University of San Diego.

Registration Link

FBI Presentation – “Cyber Threats and Trends in 2022”

Description: The presentation will cover significant cyber activity and trends, threat actors and their motivations, what the FBI’s role is, and ways to protect your business and yourself.

Supervisory Special Agent (SSA) Bryan Willett has been an FBI Special Agent for over 18 years.  He has spent the majority of this time investigating cyber violations and has worked in two FBI field offices and at FBI Headquarters, Cyber Division.  He is a licensed attorney and has earned several IT Security certifications, including the CISSP.  He currently works in the FBI’s LA Field Office where he is the Supervisory Special Agent for FBILA’s Orange County based Cyber Squad.

Registration Link

Data Disposal Day 10-26-22

Date: Wednesday, October 26, 2022

Time: 8:00 AM- 12:00 PM

Location: Parking Lot 12A near the Natural Sciences buildings

Properly disposing of e-waste is an important component of cybersecurity. Improper disposal, donation, or recycling of e-waste may inadvertently disclose sensitive information, which could be exploited by cyber criminals. Each of us is responsible for the security of information assets with which we work. 

Much like e-waste, keeping paper records with sensitive information that no longer need to be maintained under the UC Records Retention Schedule is both a security and privacy risk. Good document hygiene includes shredding unnecessary paper and deleting e-records with sensitive information that is consistent with the UC University Records Management Program (BFB-RMP-1) and the UC Records Retention Schedule.

Southern California Shredding will be on campus to shred both paper and e-waste products on October 26.

For more information, please visit: Data Disposal Day 10-26-22

Orange County DA Presentation – “You Are The Gatekeeper”

Description: The presentation will cover various types of cybercrimes handled by the DA’s office and how to identify and protect yourself from becoming a victim. It will also cover basic cryptocurrency tips to protect yourself from scammers and phishing attacks.

DDA DEBORAH KWON

Deborah Kwon has been serving the public as a criminal prosecutor since 2015. She graduated from the Pepperdine University School of Law with a certificate in Criminal Law. She is also certified in Alternate Dispute Resolution by the Straus Institute for Dispute Resolution. Deborah started her career as a Deputy District Attorney at the Tulare County District Attorney’s Office, where she handled countless cases involving serious and violent crimes. In Tulare, she specialized in prosecuting child abuse, animal abuse, sex offender registration failures, gangs, and crimes against peace officers. In 2018, she transferred to the Orange County District Attorney’s Office, where she continued to handle serious and violent crimes. She is currently in the Major Fraud Unit, specializing in Cryptocurrency fraud. Deborah is currently working with various branches of law enforcement to develop the investigative infrastructure to handle matters involving blockchain technology, non-fungible tokens, and all things metaverse.

DDA ANTHONY SCHLEHNER

Anthony Schlehner has been a Deputy District Attorney since 2013 and has devoted his entire career to being a criminal prosecutor. After graduating as his law school’s valedictorian and joining the California bar, he immediately began working for the Orange County District Attorney’s office where he is now part of the Major Fraud Unit specializing in Cyber Crime and Fraud. Throughout his career, he has prosecuted serious and violent felonies, domestic violence, gang crimes, identify theft, narcotics, real estate fraud, and numerous other areas of criminal activity. Anthony is a member of the International Association of Financial Crimes Investigators and is currently working with branches of local law enforcement and the Federal government to develop investigative tactics relating to cryptocurrency fraud.

Registration Link

Security Topics

Multi-Factor Authentication:

  • Use Multi-factor (Two-factor) authentication for your online accounts. This method uses two or more factors for authentication and includes but is not limited to: Something You Have, Something You Know, and something You Are. 

Password Security:

  • Create a long and different password for each online account with a minimum of 8 characters. Use a mixture of different sets of characters and use a password management tool to help store passwords.

Phishing/E-mail Scams:

  • Look out for phishing/email scams asking for your information. Some senders may masquerade as someone you know or a legitimate organization. Their aim may be to acquire personal or financial information among other items.

Backups:

  • Be sure to automatically backup your data and apply the latest security patches. Doing so will keep your software current and helps to address security vulnerabilities.

Remote Security:

  • Enable session timeouts and lock screens with strong passwords to keep other people from accessing your data if you’re away from your device. This will help to keep your data from being changed by a malicious individual and/or seen by those without the correct clearance.

 

Zoom Backgrounds

 

Resources:

UC-wide Cybersecurity Awareness Month Events

CISA: National Cyber Security Awareness Month

DHS: Department of Homeland Security Be Cyber Smart

NIST: National Institute of Standards and Technology (Cybersecurity)

SANS: SysAdmin, Audit, Networking, and Security

Have I Been Pwned: Password Compromise Checker

Krebs on Security

Security Now Podcast

FTC Recognizing and Avoiding Phishing Scams

Alerts

Fraudulent bank accounts hit UCI community

Sent on 8/30/2023 to All Campus Employees and Students by the Office of Data and Information Technology UCI Information Security reports “a new wave of fraudulent activity” tied to Chime and Go2Bank. Unauthorized accounts have been opened using UCI members’ personal...

Chime and Go2Bank Fraudulent Activity

We have seen a new wave of fraudulent activity related to UCI members coming from Chime and Go2Bank. This includes accounts being opened using a UCI member's personal information by unauthorized individuals, and getting notified of that via their UCI email, personal...

News & Announcements

DMARC Email Security Compliance

Major email providers have announced that they have started enforcing DMARC/DKIM/SPF email security standards in order to send email to them. What that means to us is that external email providers will increasingly block or mark as spam email coming from UCI unless...

Data Disposal Day – October 25, 2023

Date: Wednesday, October 25, 2023 Time: 8:00 AM- 12:00 PM (or until truck hits full capacity) Location: Parking Lot 12A near the Natural Sciences buildings Each of us is responsible for the security of information assets with which we work. Properly...