Menu ANR Employees
ANR Employees
University of California
ANR Employees

Posts Tagged: cybersecurity

Scheduled server downtime: Thursday, July 6, 2023 (6-8 a.m.)

ANR Community,

IT has scheduled an outage of our public server infrastructure on Thursday, July 6, between 6 a.m. and 8 a.m. During this window, all public-facing websites and remote access will be unavailable.

The purpose of this outage is to move our public-facing server to a new firewall to enhance security and reliability of our systems.

Please note the following details regarding the server outage:

Date: Thursday, July 6, 2023

Time: 6-8 a.m.

Duration: Approximately 2 hours

Impact: During this period, all public-facing website access will be temporarily unavailable.

We apologize for any disruption this may cause. IT will work to minimize the duration of the outage and restore normal operations as quickly as possible.

Should you have any urgent matters that require immediate attention during the scheduled downtime, please contact our support team at help@ucanr.edu.

Thank you for your patience and understanding.

Sree Mada
UC ANR Chief Information Officer

Jaki Hsieh Wojan
UC ANR Chief Information Security Officer

Posted on Monday, July 3, 2023 at 9:45 AM
Tags: cybersecurity (15), downtime (1), IT (21), maintenance (1), server (1), website (8)

IT: UC ANR website performance issues

ANR Community,

As you are all aware, there have been recent performance issues with ANR's website. The performance issues are due to an increased level of bot activity. These bots are automated programs that attempt to access our servers, causing a strain on our resources and impacting the user experience. It is important to note that these bots have not infiltrated our network, and we have not experienced any security breaches or unauthorized access.

This rise in bot activity is not isolated to our organization. Many higher education entities are also encountering similar challenges. Our IT team is actively working on implementing a solution to prevent the bots from reaching our servers.

We will keep you updated on the progress of our efforts to combat the bot activity and restore stability to ANR's website. If you have any questions or concerns, please don't hesitate to reach out to our IT support team at help@ucanr.edu.

Thank you for your understanding and cooperation as we work to address this issue.

Sree Mada
UC ANR Chief Information Officer

Jaki Hsieh Wojan
UC ANR Chief Information Security Officer 

Posted on Friday, June 23, 2023 at 4:51 PM
Tags: cybersecurity (15), IT (21), website (8)

LastPass security breach announced

On Dec. 22, LastPass announced that late in 2022, a hacker was able to obtain customer information (company names, end-user names, billing addresses, email addresses, telephone numbers and IP addresses) and full, encrypted vaults for many or all of its customers. You can read LastPass' announcement of the breach at https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/.  

While UC ANR does not provide LastPass to the ANR community, many of you may have access to LastPass through UCOP or personal accounts. Although we do not have a list of affected customers, it is important to act as if your data has been compromised. 

As mentioned above, encrypted vaults or lists of customer passwords protected under encryption, were stolen in the breach. While these encrypted vaults are protected with your master password or passphrase, a threat actor could crack and decrypt a user vault over time using brute-force methods.  Shorter master passwords and passphrases are more vulnerable to brute-force.  It is strongly recommended that you change all passwords stored in your LastPass vault, particularly any involved with high value accounts, such as banking. Be sure to enable multi-factor authentication wherever possible. 

It is also recommended you update your master password or passphrase to at least a 15-character password. An even longer passphrase is recommended. A simple way to create a strong master password or passphrase is to use a sentence structure with multiple words and spaces to maximum security. For example, the quote “Two households, both alike in dignity.” is long, strong passphrase but also an easy phrase to remember. 

Since the threat actor also obtained customer names and email addresses, there is increased risk of them sending phishing messages to trick you into giving them your master password. Never provide your master password (or any password) to anyone, if anyone asks you for it, immediately contact IT at help@ucanr.edu.

Jaki Hsieh Wojan
Chief information security officer

Posted on Tuesday, January 3, 2023 at 12:51 PM
Tags: cybersecurity (15)

UC ANR web servers to go offline May 22 for routine scheduled maintenance

To ensure information technology system security and stability, the UC ANR IT team will be performing scheduled maintenance on Sunday, May 22, and then routinely every third Sunday of the month.

Planned maintenance activities will occur in an eight-hour window from 8 a.m. to 4 p.m.

During the maintenance window, all systems will be down and unavailable, with the exception of email and Zoom meetings. We will do our best to quickly restore services. When systems are restored and available for your use, we will send an email.

Two reminder emails will be sent to you in advance of the scheduled maintenance:  

  • Monday, 7 days prior to the scheduled maintenance
  • Friday, 2 days prior to the scheduled maintenance

Thank you in advance for your patience and support. If you have any questions, don't hesitate to get in touch with IT at anritg@ucanr.edu.

Jaki Hsieh Wojan
Chief Information Security Officer

jhsiehw@ucanr.edu

(530) 285-3640

Posted on Wednesday, May 11, 2022 at 1:48 PM
Tags: cybersecurity (15)

Beware phishing email from 'Glenda'

Colleagues,

Several ANR employees have received a phishing email purporting to be from Glenda Humiston. VP Humiston is not asking for gift cards; she uses her UCOP email for work. Please be extra careful to check the sender's email address if you receive emails that look suspicious. If you have questions, you may forward the suspicious email to help@ucanr.edu.

The phishing email is shown below:

-----Original Message-----
From: Glenda Humiston <executivesteams151@gmail.com> 
Sent: Thursday, April 28, 2022 8:44 AM
To: Lynn Schmitt-McQuitty <lschmittmcquitty@ucanr.edu>
Subject: Re: Very Important

Lynn, I am in a meeting right now as I will be busy after work but need you to get me some gift cards. Could you pick a few Apple gift cards for me, I tried purchasing online but no luck. When I'm done with the meeting I will reimburse you.

Kind Regards,
Glenda Humiston

--------------------

Regards,

Sree Mada
Chief Information Officer

Posted on Thursday, April 28, 2022 at 1:50 PM
Tags: cybersecurity (15), phishing (1)

Read more

 
E-mail
facebook
pinterest
tumblr
twitter
 

UC ANR is Smoke & Tobacco-Free 

University
of
California
Division of Agriculture
and
Natural Resources
Site Information Get PDF Reader
sbnum=7249 | pagenum=520
© 2024 Regents of the University of California Nondiscrimination Statement Accessibility
Webmaster Email: lforbes@ucanr.edu