A recent cyber attack on defense contractor Lockheed Martin has again landed information security breaches in the news. In a possibly related incident, a cyber intrusion at RSA, which provides computer security services used by such companies as Lockheed Martin, was suspected to have begun with simple phishing emails.
No matter how advanced the technical controls of an organization, there's no protection for some human mistakes. Clicking on unknown links in email is an example: The phishing email that may have caused the RSA breach contained a malicious file titled "2011 Recruitment Plan."
The CU Office of Information Security (OIS) and IT professionals always are on alert to fight against emerging threats, but all faculty and staff are the first and last lines of defense. Always pay attention to the sender of email, and beware unexpected subject lines. Never send a password via email and never click on unknown links, especially links in email marked "spam."
OIS also reminds members of the university community to report suspicious emails immediately to their IT support personnel. Remember – one wrong click could mean severe consequences for the whole organization.