CAM 2022 Week 4 – Updates

Welcome to the last week of Cybersecurity Awareness Month and the last full week of October. Wow, time flies…all the time. I hope October has been good, even with cold temperatures reminding us that our always short time of fall is rapidly moving into winter

Our activities for Cybersecurity Awareness Month will conclude on Friday, October 28th. There will be three prize drawings that day. One will be for week four participation in the Virtual Scavenger Hunt. If you haven’t started the Scavenger Hunt, you should start now. You can go right through all four weeks at one sitting, no waiting for the next Monday. Click on the “Start Hunting” button in the banner on the right side of the page.

The second drawing will be for the waterproof Bluetooth speaker and case pictured below. Remember, this drawing can be entered by simply reporting a phishing email using the Phish Alert Report button, either a real phishing email or one of the emails we’ve sent as tests. It’s easy to report an email! If you are using Outlook to read your Berry email, just use the Phish Alert Report button in the toolbar. If you use your phone to read your email, you’ll need to use the Outlook app for either Android or iOS to report the phish. The Phish Alert Button is under the “three dots” menu when viewing an email. If you don’t use Outlook or the Outlook app on your phone, you can always sign in to https://mail.berry.edu and report it there, again, under the “three-dots” menu. You have until Friday, October 28th at noon to report an email and be in the drawing, so report those phishing emails! I know everyone is getting them.

The final drawing that day will be for the Virtual Scavenger Hunt completion prize which is the high capacity portable charging pack with case (see below). Only those who complete the hunt will be eligible for this drawing, so again, click on the “Start Hunting” button in the banner to begin. The hunt will conclude at 4:30PM on Friday.

With all of that information out of the way, lets talk about our topic this week – updates. Updates are a necessary, and potentially annoying fact of life with technology. There are groups all over the world that do nothing but attempt to find flaws or vulnerabilities in applications and operating systems. As imperfect humans we write imperfect programs and systems, and they must be updated. Updates generally recommend or require you to stop using your technology for a few moments, whether it is a phone, computer, TV, smart assistant, car, or other device.

Ain’t no one got time for that, right? Computers take time to reboot, as do phones and TVs. You have to stop what you are doing with them. Cars take anywhere from 10 minutes to over an hour to update, and who wants to sit in their car not going anywhere?

As frustrating and invasive as they may be, updates, or patches, as they are also called, are very important. The second most common way attackers break into networks is via software or systems that are missing updates and are vulnerable. If it weren’t for social engineering like phishing emails accounting for 70-80% of successful attacks, unpatched software would be the number one way attackers breached networks. As it is, unpatched software accounts for 20-40% of successful attacks.

Most software companies have worked to make the update process easier. Web browsers like Google Chrome and Mozilla Firefox just need to be close and reopened occasionally for them to update. I highly recommend you restart your browser at least once a week to make sure you are up to date.

Microsoft has consolidated most updates to a single day a month, commonly referred to as Patch Tuesday. You still have to reboot most of the time to apply updates to both Windows and MacOS, but the process is much smoother than it used to be. Once the system notifies you that updates are available, go ahead and make plans to allow the updates to run and for your machine to reboot to apply them, maybe during lunch or at night.

The iPhone and various Android phones will notify you of updates. The iPhone and some Android phones allow you to set the phone to automatically update when connected to power and idle. They still generally have to reboot, but when done overnight or during idle time, it’s not so hard to deal with.

As I already mentioned, updates are a necessary part of owning and using technology. They are pretty simple to do now for most systems that need them. Some Internet of Things devices like TVs, appliances, and other gadgets are not as easy, but it is still important to do them. Check the manuals of these devices to see how and when to install updates. If it can talk to the network, it can also disrupt the network, or worse, if hacked.

Good luck on the scavenger hunt, report those phishing emails and be sure to come by the “Spot the Phish” table in Krannert on October 27th from 11am-12noon. You can try to spot some phishing emails and get some candy, and learn how to spot phishing emails more effectively and confidently.

Finally, be sure to complete the cybersecurity awareness training by Friday, October 28th. The course closes at 5PM that day. If you are having difficulty finding your email for this training, don’t worry. You can access the security training awareness platform two ways, without the email.

Go to https://myapps.berry.edu. Once you are logged in you should see a “Berry Security Awareness” app. If you open it, you will see the courses assigned to you, which for now only include the Fall 2022 Cybersecurity Awareness Training.

You can also go to https://berry.litmos.com, click on the “Sign in with your Berry account” link and get into the training platform.

You are welcome to take any of the other courses available there, but the Fall 2022 Cybersecurity Awareness Course is the most important one to complete at this time.

(Visited 263 times, 1 visits today)