I had the opportunity to sit down with Illinois State University’s Chief Information Security Officer Dan Taube to discuss cybersecurity and why it is necessary.
What are the most common types of cyber threats you see at Illinois State University?
The cyber threats that we typically see at Illinois State are exploitations of software vulnerabilities, social engineering attacks, like phishing scams, and then user error such as cloud sharing permissions that are too open. Exploitation of software happens when a vulnerability is targeted by an attacker to either gain unauthorized access, breach data, or compromise the performance of a system. On the other hand, social engineering and phishing attacks involve targeting a person to get them to do something they otherwise wouldn’t or shouldn’t do, whether that’s give up their password or personal information, install malware, or transfer money. We’ve noticed that these attacks that target human behavior have been the most effective in higher education. It can only takes one click of a bad link for attackers to compromise an account or system.
How have you seen these cyber threats evolve in recent years?
I’d say the way that these cyber threats have evolved the most in recent years is how fast these attacks happen. Threat actors are constantly attempting to gain access and use every possible trick, vulnerability, or method you can imagine to access accounts and information. Considering that the higher education sector is among the highest targeted industries by cybercriminals, with organizations experiencing roughly 2,500 attacks per week on average, along with specific shifts during the pandemic which increased the number of organized criminal groups in cyberspace rather than physical crime, it is safe to say that this likelihood and impact of cyber threats has evolved the most and will continue to evolve in the future.
How does multi-factor authentication (MFA) enhance security for Illinois State University students?
The purpose of multi-factor authentication is to offer a second or third layer of protection to an authentication system. Before MFA, the potential of someone entering your account and accessing information was high, since all they needed was your username and password. After MFA, even if an attacker has your username and password, they need to further compromise something they don’t have access to, like your phone number or an app on your phone. There are different forms of MFA with some more secure than others, such as SMS text message versus the Microsoft Authenticator app, but any is better than none.
What exactly is phishing and how does it work? How can students recognize it?
Phishing most commonly comes in the form of an email, but it can also be received as a text message, phone call, or even in person. The goal of a phishing attack is to obtain something from the person being targeted that they would not want to otherwise be shared. This could be a username, password, personal information, or even just information that isn’t available to the public, such as how much money is in your bank account. In most cases, the attack is designed to obtain the information and then store or share it for malicious purposes like identity theft, impersonation, or financial fraud.
Since threat actors are constantly adapting to commonly taught cybersecurity methods, it can sometimes be difficult to recognize a phishing attack. However, a sense of urgency is one consistency that is seen within these phishing messages. This can either be something too good to be true like a way to make easy money or a threatening message with consequences if you don’t do exactly what they say immediately.
How can students protect themselves from these cybersecurity threats like phishing scams and malware?
Students can protect themselves from these types of threats by just being suspicious of any messages or calls from an unknown source. This will most likely be your first line of defense since clicking on any links or responding to the message can be enough to compromise you. It is important to take a moment to pause and assess whenever something seems suspicious. Use MFA wherever you can. Do not reuse passwords/passphrases across services. That will at least reduce the likelihood of total compromise. Beyond that, stay informed and ask for help from trusted resources.
What steps should students take if they believe their account has been compromised?
If it is specifically their Illinois State University account, they should contact the Technology Support Center. They have the capability to assess your account security and specifically help you if you have been compromised. They are a great partner to the Information Security Office. If it is outside of Illinois State University, then you would want to focus on the support contact methods of that service. For example, if you see suspicious transactions on your banking/cash app, then contact that service. Same with social media, but they sadly often have poor response times/support. If it is more serious, such as a large financial loss, identity theft, or life/safety issues, then law enforcement and FBI have resources to assist.
How do you think cybersecurity will evolve in the next 5–10 years? What new technologies or innovations will impact cybersecurity?
Since the pandemic, cybersecurity has evolved tremendously, and I believe it will continue to evolve on this path. The pandemic forced rapid adoption of more technology than ever before. It also aligned with the introduction of generative AI services for regular users. This has increased exposure for individuals to lose their data and increased the risk of financial losses for organizations. I think this will ultimately drive real regulation to influence increased security across technology.
The implementation of generative AI will impact cybersecurity in the aggregation, distillation, and action upon massive amounts of threat intelligence and activity data. There are massive vacancies of qualified people for advanced cybersecurity positions and generative AI might offer a helping hand, if not even enable more to be done in these positions.
What is the most important cybersecurity lesson you’ve learned throughout your career?
I would say the most important lesson I’ve learned and accepted is that this is a marathon that doesn’t end. In terms of cybersecurity, there is no real endgame where we can consider everything online to be safe and secure. While there are certainly techniques that are most effective to reduce the likelihood and impact of a cyberattack, eliminating it is impossible because of technology and threat actors continuing to rapidly evolve. This ultimately requires cybersecurity to constantly adapt to different threats and attacks, which is all a part of the marathon we are currently in.
If you have a cybersecurity question or concern, you can submit a help ticket, or contact the Technology Support Center at (309) 438-HELP (4357) or by email at SupportCenter@IllinoisState.edu.
