Incidents

What’s going on?

by

Cyber Security: Phishing remains top threat at UoR

Phishing (pronounced “fishing”) is a cybercrime that involves tricking individuals into divulging sensitive information such as passwords, credit card details, or personal identification.

How big is the threat?

Phishing attacks continue to be a major concern worldwide, with a significant impact on individuals and organizations alike. In 2021, phishing attempts accounted for 83% of the total number of cyberattacks reported globally, underscoring the prominence of this threat. In 2022 this number increased to 90%. In 2023 initial reports suggest this is likely to remain as high or even be higher.

Remember: It only takes one person to click on the wrong link for our whole network to be exposed to criminal activity – don’t let that person be you!

What should I look out for?

Here are the top ten email subjects from recent spam attempts (in no particular order). As you can see, often the phisher has got information about you, your manager and your organisation to make the email seem more realistic.

Unusual sign in activity

Click to enlarge

  1. Urgent!
  2. HR: Staff Rewards Program
  3. IT: Important Email Upgrades
  4. Activate your DropBox account
  5. Your payment is overdue
  6. Microsoft 365: [display_name], Password has expired
  7. Amazon: Action Needed: Purchase Attempt
  8. Available? [manager_name] is trying to contact you
  9. Teams: [manager_name] invited you to join a Team
  10. Microsoft 365: [display_name], MFA Security Review is Required

Here are some commonly impersonated organisations:

PayPal scam

Click to enlarge

  • Your own *
  • Microsoft (including Teams, OneDrive, SharePoint)
  • LinkedIn
  • Google (including Google Chat and Google Docs)
  • PayPal
  • WeTransfer
  • WhatsApp
  • HSBC
  • Instagram
  • HMRC and other government departments

*Hackers pretending to be someone from your own organisation has the most success and has increased during 2023. 

What can I do?

It’s crucial to arm yourself against phishing attacks to ensure your personal and academic information remains secure. Here are some essential steps to take:

Keep Yourself Updated: Awareness is your first line of defence. Understand the tactics used in phishing attacks and train yourself to identify suspicious emails, messages, or websites. 

Verify the Source: Before clicking on any links or sharing personal information, verify the sender’s identity. Be cautious even if an email or message appears to be from a familiar source.

Stay Cautious: Be wary of unsolicited emails, especially those requesting personal or financial information. Legitimate organizations rarely ask for sensitive data via email.

Think Before You Click: Avoid clicking on suspicious links or downloading attachments from unknown sources. Hover over links to see the actual URL before clicking.

Use Strong, Unique Passwords: Create strong passwords using a combination of letters, numbers, and symbols. Avoid using the same password for multiple accounts.

Enable Multi-Factor Authentication (MFA): Set up MFA for an extra layer of security by requiring a second form of verification, such as a code in an Authenticator app, in addition to your password. This makes it significantly harder for attackers to access your accounts.

Keep Software Updated: Regularly update your operating system and applications. Cybercriminals often exploit known vulnerabilities in outdated software.

Use Apps Anywhere to make sure you are using the most up to date version of software with the latest security patches.

Report Suspicious Activity: If you receive an email or message that seems suspicious, report it to us. Your vigilance could help protect others from falling victim to the same attack.

Further information and contact

We have a Cyber Security section on the DTS website, which also includes information about spotting phishing attempts. 

For more general information about keeping yourself safe online, have a look at the National Cyber Security Centre website.

If you have any questions or need any advice, please contact the IT Service Desk.

by

Phone issues

The fix we implemented at 3:30 was successful and the intermittent call issues are resolved. We will monitor the service to make sure it continues to be available.

We have identified the problem causing the intermittent phone issues and are will be implementing a fix at 3:30pm. Please be aware that this will cause phone-calls to be unavailable for 5 minutes. Any calls in progress will be dropped. However, phone services should return to normal after 5 minutes.

We have identified a possible solution to fix this intermittent phone issue and are working on implementing it with our supplier. We will update you as soon as we have further information.

We are currently working with our supplier to get this fixed as soon as possible. We will have a further update at 2pm.

We are aware of a problem affecting some calls out of the University today.

There are issues with making external calls and calls from campus to campus.

Internal calls (from the same campus) and inbound calls are still working.

We are working to fix this as soon as possible and will provide a further update later today.

by

Interruption to Student Email Service

This has now been resolved for all students.

We are happy to confirm that on Friday (02/08/19) evening we were able to fix the issue affecting the student e-mail service. There appears to be an issue with UoR Malaysia students experiencing a similar difficulty which we are currently investigating.

Please be aware that any messages that were bounced back will need to be resent.

We will be having a meeting on Wednesday 7th review the incident.

We are currently experiencing an interruption to our student email service.

E-mails sent to affected student accounts will bounce back to the sender, and will need to be re-sent once service has been restored.

Apologies for any inconvenience caused – we are working to resolve this as quickly as possible. Our status page has been updated, and will be kept up to date with progress.

by

Intel, ARM and AMD chip scare (Spectre + Meltdown)

In the last few days Intel, AMD and ARM have publicly announced major security flaws within their CPU chips.  We are working with suppliers to patch our systems as quickly as possible to ensure they remain secure.

Security patches will be applied to your computer over the coming days. Never switch off your computer at the wall or the security patches will not be applied.

The University of Reading IT department will continue to monitor risk and will make updates when needed, however, please do remember to update your home machine. This flaw affects millions of institutions and businesses but will also affect households too. Full details of what the security flaw is and how to deal with it can be found on the BBC website, including how the flaw is exploited and how to keep your personal machine protected.

There has been no evidence that the flaw has been exploited yet but still poses a security threat.

Non managed Mac and Linux users should ensure that they have the latest versions of their OS and software in order to have the security patches applied.

A reminder of some good online security tips:

  1. Use strong passwords and do not share them
  2. Use central file shares or One Drive for Business in preference to local drives
  3. Never switch off your computer at the wall or the security patches will not be applied
  4. Lock/secure your hardware
  5. Encrypt sensitive and personal information
  6. Think carefully before clicking on links in emails, even from friends and colleagues
  7. Ensure that your anti-virus is up to date
  8. Ensure that Windows updates are applied promptly
  9. Keep software applications up to date
  10. Dispose of IT equipment and data securely
  11. Protect your mobile device

If you have any further questions or concerns then please contact IT.

 

by

15:27 01/04/16 Major power outage

There was a major power outage on campus this morning, affecting two key server rooms. This resulted in the loss of most of the IT services on campus.

The majority of services were restored by 14:00. Notable exceptions being;

  • Wi-Fi authentication
  • Campus card payment services
  • Trent
  • Sports Park web site
  • Network link to Cedar Farm
  • Some networking in Harry Pitt
  • Lyle building power – affects all servers hosted in this server room

 

Some services are running slowly due to re-synchronisation of the server storage. This should complete over the weekend.

There is a backlog of e-mail (incoming and outgoing) which is being processed.

Please accept our apologies for the disruption this has caused.

 

IT

by

Firewall Issue

We are currently trying to fix an issue with the Whiteknights campus firewalls, which can lead to occasional and very brief losses of connectivity to the Internet for users at Whiteknights and London Road campuses, and when accessing University business systems such as Agresso, RISIS and Trent.  There are some challenging circumstances, so it’s taking us longer than usual to get to the bottom of things.  We are working with our equipment vendor’s advanced technical support and engineering teams with a view to identifying feasible workarounds and a fix for the root cause as quickly as possible.

In order to assist with our diagnostics, and to help us accurately judge the business impact of this issue, it would be helpful if people could contact the IT Service Desk if they are unexpectedly disconnected from any of the University’s business systems during their day to day work. We routinely monitor the University’s Internet connectivity so at the present time do not need to be contacted regarding brief losses of Internet access.

As ever, please feel free to discuss any aspect of this issue with your IT Business Partner if you wish.

by

Slow Logins Issue

We have recently been experiencing problems with slow logins to some PCs on campus. We are working very hard to resolve this issue. Should you find your login is unacceptably slow (over 4 minutes), you should:

Contact the Service Desk immediately on 0118 378 6262, 6262 from an internal phone.
They will be able to provide you with details of a guest login account.
If required, restart the PC (hold the power button if necessary).
Login using the username and password supplied to you.

NOTE: The guest login will not map your N:\ drive automatically. The Service Desk will be able to assist you with this. You will still be able to access Blackboard and the Internet.

AV technicians are also able to assist with this particular problem.