Cyber-security update regarding COVID-19
Cybercriminals are taking advantage of the COVID-19 pandemic. Many industries have seen a 600% increase in phishing attempts over the last month. Higher Education institutions identified numerous email campaigns targeting our employees that solicit sensitive information through malicious links and attachments.
More specifically, cybercriminals are using the pretense of handing out federal stimulus payments to try to steal personal and financial information. Please do not click on links or attachments in emails that ask you to fill out forms in order to qualify for these payments. If you are eligible for a payment, you will receive a payment directly (such as by direct deposit or check) from the Internal Revenue Service.
We've also seen an increase in phishing emails claiming to be from authoritative sources such as the Centers for Disease Control and Prevention, the World Health Organization, and health care organizations tracking COVID-19 pandemic cases. These emails attempt to extract information such as username, passwords, and financial data from unsuspecting users.
These are age-old tricks cybercriminals use to gain access to corporate and private systems. Please use caution and judgment when responding to external requests and stay vigilant of any requests involving money or bank information.
As a UC ANR employee, you are our first line of defense against these threats, which pose a potential danger to our systems. The UC ANR IT team has these tips for employees:
- Never give your personal or sensitive organization information to someone unless you are sure of their identity.
- Do not open attachments or click on links in emails or texts you are not expecting.
- Report any suspicious email to firstname.lastname@example.org.
In addition, if you receive a suspicious phone call or text, or unexpected verification request, immediately contact the ANR IT and notify your manager.
Thank you for helping to ensure the security of our systems.
Zoom best practices
The university's Chief Information Officers are very aware and concerned that Zoom is experiencing security and privacy issues. Our UC IT security and privacy experts are closely monitoring these issues and Zoom's responses.
Zoom has been quick to respond to these issues, including the timely release of security patches for newly discovered vulnerabilities. UC locations also have issued guidance for their users, which is found below. Such guidance will be revised as necessary, based on any new findings.
In addition, UC has a systemwide agreement in place with Zoom, which includes the UC Data Security Appendix and a HIPAA Business Associate Agreement. The terms of this agreement address UC's needs and provide greater security and privacy protections than Zoom's standard agreement terms.
Privacy and security are a joint responsibility of both Zoom and our UC communities. There are a few keys steps all of us can take to best ensure the privacy and security of our Zoom interactions:
- All Zoom users should install client software updates as soon as they are available.
- Zoom meeting hosts should set their accounts to provide the highest protection for the privacy of all meeting participants in accordance with their location's published guidance. See UC ANR guidance at https://ucanr.edu/sites/safety/files/323618.pdf.
- All Zoom users should periodically check their location's published guidance for updates.
In sum, Zoom has been responsive to the security and privacy concerns and, while it is important for our IT security and privacy experts to monitor the situation, we believe that at present Zoom continues to be an appropriate option for online learning and remote work.
UC ANR Staff Assembly created a new reimbursement program, ANR GROWS, which encourages staff to take time out to relax through gardening and growing food. They are offering a hundred $50 reimbursements, on a first-come first-served basis, for staff to purchase soil, seeds, transplants, compost and gardening supplies. Visit http://staffassembly.ucanr.edu/ANR_Grows/ for more information.
Erin DiCaprio, Assistant CE Specialist in Community Food Safety at the UC Davis Food Science and Technology Department, created an 11 module online series of her Food Safety Training for Master Food Preserver Trainees that she gives each year as part of New Trainee Training.