
2023-11-03 10:09: High threat level for cyber security / Phishing a permanent threat

#ufrstatus High threat level in cyber security / phishing permanent threat

The German Federal Office for Information Security (BSI) has published its annual status report [1] and concludes: "The threat in cyberspace is higher than ever before."

Universities, colleges and research institutions are also the focus of these attacks, partly due to a change in cybercriminals' strategy. The BSI writes: "On the one hand, high-revenue companies are still being attacked. At the same time, ransomware attacks are also becoming a mass business due to the low costs of RaaS [Ransomware as a Service]. Criminals are taking the path of least resistance, which means that small and medium-sized enterprises (SMEs), as well as local authorities, universities and research institutions, are now increasingly affected."

The University of Freiburg is also feeling the effects of this through constant phishing attacks. These now target specific areas (institutes, chairs, central departments) and make use of emails that were captured in previous compromises of email accounts. As a result, the phishing emails refer to earlier, genuine emails and therefore appear "real" and trustworthy. Tools such as ChatGPT also currently make it very easy to create well-made phishing emails from publicly available information (e.g. from websites). Specific instructions for recognizing such phishing emails can be found on the intranet (see [2]).

We ask all employees and students to be vigilant and to look closely at emails that, for example, create time pressure, and to check whether the email and its sender can be trusted (see the handout on the intranet [3]). If you do fall victim to a phishing email and have, for example, entered your login details on a website that the cybercriminals linked to in the email, please take the following immediate measures:

  • Change the central password of your account in myAccount (see [4]) as well as other passwords of local accounts within the university network.
  • Report the incident to security@uni-freiburg.de and to the data protection department at datenschutz@uni-freiburg.de (or have a colleague report it if necessary).
  • Inform your local IT administrator.
  • Inform your line manager.
  • Inform the people around you if it can be assumed that emails have been leaked from the affected email account.


For your own training in recognizing phishing emails, we recommend the no-phish quiz [5].

 
References:


[1] Federal Office for Information Security, https://www.bsi.bund.de/DE/Service-Navi/Publikationen/Lagebericht/lagebericht_node.html

[2] Phishing and other dangers in the digital world, https://intranet.uni-freiburg.de/intern/downloads/saz/Phishing.pdf

[3] E-mail (in)security, https://intranet.uni-freiburg.de/sazs/sichere-emails

[4] myAccount, https://myaccount.uni-freiburg.de/uadmin/login

[5] No-Phish-Quiz, SECUSO @ KIT, https://nophish-quiz.secuso.org/

Status: 2023-11-03, MH