ISU Information Security

The Social Media Privacy Landscape

Monday, April 23, 2018 10:04

Few people find themselves in a situation wondering “What is Facebook?” But, even fewer wonder “What is Facebook doing to protect my data?” That was likely true, until the recent revelation that Cambridge Analytica, a political firm, was given access to the private information of more than 50 million Facebook users. This event has dominated headlines for the past few weeks and has forced many social media users to ask more than a few questions about the privacy of their data, and what social media companies are doing to protect it.

Politics aside, it’s helpful to understand what happened. As mentioned, Cambridge Analytica gained access to the private information of more than 50 million Facebook users. Much of the controversy of this issue lies with the question: How?  In short, they were given the data by Facebook.  Researchers from Cambridge Analytica asked Facebook users to take a personality survey and download an app. The app then collected private information from the user and their friends, which would ultimately end up back in the hands of Cambridge Analytica. They would go on to perform analysis on the data for political purposes.

This was activity that Facebook permitted at the time. This is why the event is not classified as a “data breach” – Facebook knowingly and willingly gave the information away. Granted, this is activity that is no longer permitted on Facebook, but it illustrates the ever-changing social media privacy landscape. Buried somewhere in the terms of service presented to users is the acknowledgement that Facebook has a responsibility to protect its users’ private information. But, when the ToS are a mile long, how can Facebook be held appropriately responsible for not just a breach of data, but a breach of trust?

These are questions that were asked of Mark Zuckerberg, the CEO of Facebook, when he recently appeared in front of Congress. He was asked many questions, and gave many answers, but the crux of the argument stood firm: Is Facebook responsible for protecting its users’ data, and if so, can they be trusted to do so? Zuckerberg answered yes to both of these questions, which might not come as a surprise, and dedicated his company to doing better moving forward. In any case, it would seem that people have awoken to the idea of being skeptical of promises made by social media.

BlueBorne: Bluetooth At Risk

Monday, November 13, 2017 09:38

Bluetooth is a wireless technology that allows for the exchange of data over short distances, and it has become somewhat of a household name, as most of our mobile devices nowadays are capable of using it.  In fact, it is estimated that over 8.2 billion devices today use Bluetooth, making it the unquestionable standard for short range communication protocols.  It would stand to reason that any technology this widespread would be especially attractive to attackers.  That is exactly the case with BlueBorne, the aptly named attack vector described by Armis Labs, the company responsible for its discovery.

BlueBorne leverages Bluetooth connections to penetrate and take complete control over targeted devices.  This vulnerability can affect any device that has Bluetooth capability including desktops, laptops, phones, tablets and many more.  What’s most concerning about BlueBorne is that it doesn’t require your device to be paired with the attacker’s device.  It doesn’t even require you to be in discoverable mode.

Once exploited on a device, BlueBorne allows the attacker to do a multitude of different things, and they can do it remotely.  Not only can the attacker access all of the information on your device including pictures and videos, but they can also take complete control of its hardware like the camera or display.

The inherent risk in Bluetooth itself is highlighted by this discovery. Bluetooth works in a very similar way as any other network technology, except that it doesn’t have any security measures in place to protect devices using it.  There are no firewalls or routing involved with Bluetooth operations.  It connects one device directly to another, wirelessly. And for the most part, once you’re in, you’re in.  Granted, when two devices are paired the communication is encrypted, meaning only the two devices can read the information.

The most important thing to mention is how to check if you are vulnerable and what you can do to protect yourself.  The first thing you can do is be sure you are running the latest version of mobile software on your device such as Android or iOS.  If you are using a laptop or desktop, be sure your Bluetooth driver is up to date, as well as your operating system such as Windows or MacOS.  Unfortunately, that may not be enough to protect your device, as some manufacturers have yet to release updates to address BlueBorne.

Luckily, the company mentioned earlier, Armis Labs, has set up a website detailing every bit of information about BlueBorne you could hope to know, including a list of affected devices and appropriate patches.  They even have an example video of an attack on a mobile device.  For anyone curious about the true scope of BlueBorne’s capabilities, it is worth a watch.

Equifax Isn’t Calling

Friday, September 15, 2017 13:38

If someone calls from Equifax, it’s a scam.

Read more here.

What If I’ve Been Hacked?

Monday, May 15, 2017 14:09

In the past couple of months, we have touched on how to secure our devices, our home network, our passwords and even ourselves.  Even with all of these safeguards in place, there is still a chance that we will be hacked.  So, what are we supposed to do when all of our safeguards fail?


The first thing we need to take care of is our data.  Regular backups should be made of all of our personal information, be it our desktops, laptops or mobile phones.  If a device is hacked, it could be massively important that we are able to recover any lost data.  Many ransomware attacks, for example, will hold a computer and its data hostage, demanding money to restore access to one’s own information.

Changing Passwords

This one is a bit more straightforward.  If one of our online accounts is hacked, we need to log in to the company’s website and change our password as soon as possible.  This should ensure that the attacker is not only logged out of the account, but that they cannot get back in any time soon, assuming the new password is strong and unique.

Be Mindful

An overall state of mindfulness is useful when it comes to security.  We need to keep an eye on all accounts such as credit cards or bank accounts, and if there is any strange activity noticed, the financial institution needs to be called right away.  This type of diligence will help us minimize the damage caused by a successful attack against us.

Securing Your Passwords

Tuesday, April 11, 2017 16:40

Virtually everyone has to remember at least one password, and most of us have to remember quite a few.  The tricks we use to keep track of these passwords might be convenient, but it’s worth considering if we can find a more secure way.  Here are a few tips to get us started.

Writing Down Your Password

If possible, don’t write passwords down.  It’d be very easy for someone with ill intent to grab a sticky note from a desk.  If it must be written down, be sure to remove the context.  For example, if the note with the password for a particular computer is stuck to that same computer, it’s clear what the password is for.  Likewise, if the password for an email account is written on a note without the email address it belongs to, it would be difficult to figure out what the password is for.  Remove the context and it will be much more secure. Again, however, if at all possible, do not write passwords down.

Password Storage

Figuring out how to remember all of our passwords seems to be the glaring issue here.  The good news is that we don’t have to.  There are software applications called “password safes” that store passwords for us.  The software uses encryption to keep the passwords hidden, so it is much more secure than writing the password down.  There are many options for password safes and many of them are free.  A good place to start would be to search for KeePass or LastPass, but there are plenty of worthy alternatives.

Password Sharing

At some point, we may have to figure out how to get a password to another individual.  Luckily, there are some best practices for this as well.  First, don’t send a password through the body of an email.  This is not considered secure.  There are ways to store a password in an encrypted file and send the file via email, and various other similar methods.  Communicating a password over the phone is acceptable, as a typical phone line conversation isn’t easily intercepted by a third party like an email can be.  A better option, however, is to use password sharing features available in the earlier mentioned password safe applications.  Most password safes have the option to share a password securely with another individual who owns the same software.  This is an especially attractive option for businesses, as it allows for secure password sharing and storage across the board.

Password Best Practices

We not only have to minimize the chance that someone will guess or steal our passwords, but we also have to know what actions to take if they do.  One great method to deal with this is to use different passwords for each service.  This way, if someone gets hold of a password for one service, every other service won’t be compromised as well.  In this case, we would only have to reset our password for one service instead of multiple services.  Further, this makes identifying the service that leaked our password much easier.  The password safes mentioned above make it easy to keep track of multiple unique passwords, and some will even generate passwords set to your specifications.

It should be mentioned that nothing will guarantee that our passwords won’t fall into the wrong hands at some point, but each of the above tips will bring us one step closer to reducing the chances of a compromise occurring.


Securing Your Devices

Thursday, March 9, 2017 15:58

Last time, we talked about securing our home network.  This time, we need to address the security of our devices themselves.  Whether it’s a smartphone or a traditional computer, there are a few steps we can take to secure our devices.

Updates Are Your Friend

Although they are not always convenient, software updates are paramount to securing our devices.  Keeping our devices up-to-date means there are fewer security flaws that intruders can use to access these devices.  Not only that, but updates can simply improve the performance and stability of the device, so there aren’t many good reasons to skip updates.  Most newer devices should have automatic updates enabled, but be sure to double-check that this is the case.  Contact the manufacturer of the device or visit their website for detailed updating instructions.

What’s the Password?

Many of us know by now that putting a password or PIN on our devices can be an effective security strategy.  Virtually every modern device, whether a smartphone or other computer, has the capability of locking the device with a password.  Of course, if someone steals or finds a device, they won’t be able to use it if there is a password set.  Many smartphones will go as far as to lock the phone down completely if an intruder incorrectly enters the password too many times.  For the person looking to go the extra mile to secure their device, a password or PIN is a must have.

Protect and Serve

Let’s get to the point: Every computer needs to have a firewall and anti-virus installed — period.  Having these will not only help us ward off potential threats, but they can also aid in eliminating malicious software already running on a device.  Many devices will have a firewall built in to the operating system, but the anti-virus software will likely have to be installed by the user.  There are many affordable and effective options out there, including some free anti-virus programs that really pack a punch.  Just remember, any legitimate anti-virus software is better than none at all.

Dispose With Care

When disposing of computers or mobile devices, be sure they are wiped of any personal information.  Even if the device is going to a relative or trusted friend, it is still worth being safe and wiping the device.  How to do this will vary from device to device, so be sure to contact the manufacturer or visit their website for detailed instructions.

These tips should be followed by anyone looking to make their devices more secure.  The peace of mind gained is worth the time.  Next time, we will look at ways we can secure our accounts and passwords.

Securing Your Home Network

Thursday, February 23, 2017 11:35

By now, many of us are aware that there are people on the internet who want to gain unauthorized access to our systems and information.  To help avoid this, we need to be aware of any weak points in our cyber security stronghold.  This time, we’re going to focus on our home WIFI router.  A router is what our devices use to access the internet at home, be it WIFI or wired, and can be a point of attack for those who want to do us harm.  If an attacker gains access to our WIFI network, they can often also gain access to any devices on that same network, and any files that go along with them.  So, here are a few things we can do to secure our home router:

Access Router Settings

A router, like many other devices, has settings that can be changed or configured.  Using these settings, we can specify who gets to access the WIFI network, along with many other settings that might be useful.  But first, we need to figure out how to access these settings.  Luckily, this is a simple task that can be accomplished using any modern internet browser such as Chrome, Firefox, or Internet Explorer.  We will need to type the IP address of the router in the address bar of the browser to access the router settings.  Refer to the router’s manual for what this might be.

Log In as Administrator

Now, how do we get the log in details?  They should be listed in your router’s manual, but if we can’t find it, there is a much easier way.  They can be found by simply Googling the brand name and model of your router, which is usually printed on the router itself, along with “admin password”.  There are many sites out there that post the default administrator username and password.  Try to visit only trusted sites, such as the internet service provider or the router manufacturer’s forums.

Lock It Down

Once we have logged in to the router, we will notice a plethora of settings.  With most modern routers, we can use these settings to ensure that our home is cyber secure.  First things first, we need to change the password for the administrator account we just used to log in, as anybody can find the default log in details as we just did.  How to do this will vary widely from router to router, but if we dig through the settings, we should find an option to change account passwords.  Changing the administrator password is the first step to securing our home network.

Tighten the Screws

Once that’s done, we should set up a WIFI password if we haven’t done so already.  This will often be listed as a key of some kind in the wireless section of the router’s settings.  Also, we want to be sure the wireless network is using an effective security protocol, such as WPA2.  If that is an option, be sure to select it.  However, do not use WEP as that is known to be insecure.  There are likely many other options to peruse, so it’s worth browsing through to see if any of them are useful.

Doing these things will go a long way in keeping our systems and information more secure.  For more details on how to access router settings, refer to the router’s manual, contact the manufacturer, or visit their website.  Next time, we’ll be looking at how to secure your devices themselves.

Gooligan Malware Targets Android Users

Tuesday, December 13, 2016 11:28

There’s a new malware campaign in town, and its name is Gooligan.  Attackers are using a type of malware, called Gooligan, to infect Android devices and acquire the users’ Google account credentials. This malware is responsible for the largest known Google account breach to date.   How does it work?  In simple terms, Gooligan takes advantage of known security flaws in out-of-date Android devices. This allows the attacker to do anything the user of the device can do, all from a remote location, including accessing all Google services associated with the device.

The infection can begin with the user clicking a malicious website link, or they could be enticed into downloading an infected app from a third-party app store.  Once the app is installed, the attacker has full control.  There are security patches that can be installed to fix the security flaws, but they may not be available on all versions of Android, or the user may not have installed them.  So, if you have any Android devices, be sure to check for updates and install them on a regular basis.  Also, don’t install any apps from third-party websites or click on suspicious links.

If you want to check if your ISU Google account has been compromised, visit this website and enter your ISU email address, or any Gmail address, and click the check button.  If you find that your ISU account is compromised, contact the ISU IT Service Desk as soon as possible at (208)282-4357 or email  Stay safe out there!

Phishing: Hook, Line and Sinker

Wednesday, November 2, 2016 12:21

Have you ever been tricked by an email?  “What does that mean?”, you might ask.  Well, scammers can trick people into giving them personal information through email.  This is commonly called “phishing”.  This month, there are a few phishing attacks in particular that everyone needs to be on the lookout for.  Fake order confirmations, phony promises of money, and even false scanned document notifications are amongst the most common phishing attacks being performed.

If you want to learn more about phishing, or these attacks specifically, click here to read the full article.

Social Security Scams

Wednesday, August 17, 2016 13:31

There are two Social Security scams you need to watch out for at the moment.

The first one is where you receive an official-looking email from the Social Security Administration with an invite to create an account so you can receive your benefits. You land on a webpage where the scammers hope you will fill out all your confidential information. Don’t fall for it. Never click on links in any of these emails. If you want to sign up for a My Social Security Account go directly to

The second scam is where the bad guys actually create an account for someone, and redirect the payments to a bank account controlled by them, not the victim. To prevent this from happening, create your own MySSA account with a strong username and password. This is similar to filing your tax return early before the bad guys file a bogus return and steal your refund.

Another security measure I recommend is that when you create your MySSA account, go to the settings and choose the option that any changes to the bank account into which your check is electronically deposited only be done physically at a Social Security branch office and not using your online account. Note that you may have to travel to that office if you live far away.

Think Before You Click!