Anti-phishing tools set to deploy across University, Feb 15

January 25, 2018

Project update 02/18/2018

CHANGE MANAGEMENT NOTE: Since the original publication date of this article, the full consolidation of the Proofpoint/TAP system is currently undergoing further testing to ensure all technical specifications have been met.  The full implementation will be complete by the end of February.

 

Information Technology Services is implementing a unified set of email security tools to better protect all University of Nebraska campuses against cybercriminal activity beginning Feb 15.  All inbound campus email will be protected by a security gateway, Proofpoint, that quarantines potential phishing emails and malicious attachments.  Messages can be reviewed and released by the recipient via a daily digest that lists quarantined emails.  

Additionally, Proofpoint’s Targeted Attack Protection (TAP) will prevent malicious attachments and fraudulent links from ever reaching an inbox.  TAP rewrites and inspects all links ensuring the recipient can safely click to the intended website. When users click on the rewritten links, TAP redirects them to either the original webpage or a University block page that prevents access to the compromised phishing site. 

“Higher ed is under attack daily, whether people want to believe it or not, and compromising an email account is the first step,” said Matt Morton, chief information security officer for the University of Nebraska. “The goal of the attacks is not just personal information anymore—criminals also want to know who you know.”   

Compromised accounts at high-profile institutions are bought and sold on the ‘dark web’ as entry points to valuable research data and payroll funds. “Cybersecurity is about protecting their research, about protecting their knowledge base, about protecting their reputations and how they interact with their colleagues and the people they know,” said Morton.

According to the FBI, cybercrime has risen 1300 percent since January 2015, with over $3 billion lost to phishing scams, malware attacks, and other methods.

“Email security tools like these help defend against payroll redirect, otherwise known as business email compromise,” continued Morton. “This is where the criminal gets control of the account and uses that account to change payroll information and phone number and other data. When the employee gets paid, that money goes to a different account--and money is gone.  It’s harmful to the university, it’s harmful to the individual and the bad guys get away with the money."

Outside of campus safety, cybersecurity has been identified the major source of risk at all University of Nebraska campuses.  This was a major factor in consolidating security efforts across the system. “We’ve had these tools tested and deployed on each of our campuses in one form or another for a little over a year,” said Rick Haugerud, assistant vice president for ITS security services. “Since we’re supporting the entire University of Nebraska with a unified team, having four separate deployments makes that job more difficult. We can be much more effective and get results deploying these tools consistently and uniformly.”

For additional questions, please contact the Security Operations Center at securityopcenter@unl.edu