Grace Kim - a student at °ÄÃÅÁùºÏ²Ê¿ª½±ÏÖ³¡ - sits at a computer looking stressed. A phishing email titled "Urgent Financial Aid Update" sits open on the screen. Grace hesitates, then closes the email and opens a new browser window.
Grace walks over to a friendly librarian, Mr. Jones.
"Excuse me, Mr. Jones, I received a suspicious email that might be a phishing scam. What should I do?" Grace asks.
"Thanks for letting me know, Grace! That's definitely something we need to report." Mr. Jones responds.
Mr. Jones guides Grace to a computer with the university's IT Security Incident Reporting Portal on the screen. He explains that this portal makes it easy to report suspicious emails. Grace learns that she can even forward the email directly to Queen’s IT Services!
Grace sits back down at her computer, relieved. While she continues her work, the IT Security team analyzes the phishing email and takes steps to protect the university community.
Security incidents are events that indicate an organization’s system and/or valuable data have been compromised or threatened. Dealing with a cybersecurity incident in the right way is important - it can be easy to miss something and not fully remove the threat.
Signs that a security incident has breached your systems or applications include:
- The network or Operating System (OS) on your device becomes slower
- Your browser redirects known URLs to different sites (i.e. you want to visit queensu.ca but are directed to a different website)
- Your files and/or servers have been encrypted and you cannot access them
- Your device receives excessive pop-ups
- Your data usage is increasing while your usage remains the same
The most important thing to remember is to ACT QUICKLY. The sooner you take action to report an incident, the less time your data is vulnerable.
Types of Security Incidents
Although phishing is the most common avenue for scammers to access your information, security incidents can occur in several forms. Expand the following menu items to learn more about how your information could be put at risk.
Occurs when unauthorized individuals have stolen sensitive or confidential information. As we grow with technology, more and more digital data is added to our digital world. This data often contains sensitive, personal, and confidential information, and as a result, data breaches have become a popular type of attack. Data breaches can be extremely costly to an organization.
When malicious software is used to damage a computer or network system or to gain unauthorized access to the university's private data. Malware attacks can come in many forms including ransomware, spyware, command and control, and more.
Involves fraudulent communication such as emails, text messages, or social media posts and messages. These fraudulent messages are designed to mimic trusted and reputable sources to deceive target users into revealing their credentials or sensitive personal data. You can check out the content from Week 1 to learn how to protect yourself from phishing.
A denial-of-service (DoS) attack occurs when legitimate users are unable to access an information system, device, or another network resource. This is a common method of attack wherein a target network or server is flooded with fake traffic, which overloads the server and results in a DoS. Services that can be affected by a DoS attack include email, websites, and medical facilities.
Basic Mitigation Measures at °ÄÃÅÁùºÏ²Ê¿ª½±ÏÖ³¡
Participate in all Security Awareness Training
Queen's provides regular security awareness training to ensure faculty, staff and students (end-users) have a basic understanding of cybersecurity threats. This helps minimize human error and block a possible breach before it occurs.
To see what training is available to you, check out the Cybersecurity Education and Awareness page.
Ensure You Know How to Report a Security IncidentÂ
Without an end-user’s input and reports, security incidents can go undetected for long periods of time. When Queen's faculty, staff, and students are aware of the processes for reporting possible security breaches, incidents can be caught before much damage is done.
Learn more about how to report a security incident.
Report ANY and ALL Suspicious Incidents
As an end-user, you are the university's first line of defence when attackers attempt to breach our digital environment. Any security infrastructure can be compromised by human error or failure to report a possible incident.
It is essential for all Queen's faculty, staff, and students to report any and all suspected security breaches, even if it does not appear to be a significant threat.
A Security Threat Is Reported – What Happens Next?
In response to an incident being reported, IT Services can take the following steps:
- Take action to mitigate the security incident and prevent it from spreading across the university and its affiliates.
- Perform additional investigation to document the scale and severity of the breach and the type of institutional data that was potentially involved.
- Identify all exploited vulnerabilities.
- Revise existing or recreate additional protection/security policies.
Other Resources
This Week's Challenge
Test your knowledge with our cybersecurity reporting quiz. Note that you will be prompted to log in with your NetID and password. When you're ready, click the link below to begin the quiz.
This quiz will collect your name, Queen's email address, and NetID to notify winners of where and how to redeem their prize. Your data will not be shared with any other party or used for any other purpose.