Breadcrumb

NCSAM Hero Image

Do your part - #BeCyberSmart

October is National Cyber Security Awareness Month!

UC Riverside will be participating in and featuring UC system-wide events throughout the month.
All events this year will be completely online, and there is an event for everyone.

National Cyber Security Month (NCSAM) Events: 
Going Virtually Viral!

 

All UC events for NCSAM 2020 are completely online and there is something for everyone! If every person tells two others, and they tell two people, and they tell two people, before long, we can take NCSAM at UC virtually viral!  #BeCyberSmart and spread the word!

Please click on any of the items below to find information on the event.

For additional information, visit the UCOP NCSAM page.

  • True Eye Cinema Event - Beginning 10/1/2020 On Demand

    True Eye is a thriller which follows new-hire, Adrian Bridges, through his first day at a global AI-technology firm. Adrian’s policy orientation and security training quickly spin into suspense and intrigue as his personal AI device, Guide, starts asking him to do unethical and even dangerous things with sensitive data. His adventure offers a glimpse into proper operational security, how technology affects people and what we can do about it.

    Watch Trailer

    Feature (Full length video: 17:54)

  • Electronic Records Management - Now, More Than Ever - 10/1/2020 10AM-11AM

    Celebrate Electronics Management Day by joining this event as Panelists including experts in Archives, Records Management, Privacy and Information Security discuss managing electronic records. With audience Q&A afterward. 

    Registration Required: Register here

  • Hate Passwords? You're Not Alone: Why We Still Have Passwords in 2020 - 10/5/2020 Noon-1PM

    There are few things in the world more ubiquitously despised than passwords.  How many times have you tried to login to a website, only to realize that you “forgot your password,” or tried to create a new password only to have every attempt rejected because it is not secure enough?   And then, after satisfying all of these requirements, you get a text with a “security code” that you have to type in -- not ideal. How did we get ourselves in this situation, and does any of this even help from a security point-of-view?

    Join the discussion here

  • Q & A with John Pescatore, Director of Emerging Threats, SANS Institute - 10/6/2020 10AM

    During this session SANS’ John Pescatore will highlight the top 3 security issues hitting organizations in 2020/2021 followed by Ken Newton, UCSF IT Security Operations Manager asking questions to drill down in areas of particular interest to the USCF community, then selected questions from the audience.

    Learn more and Register

  • Zoom Security & Cool New Features - 10/7/2020 10AM-11AM

    Hosted by UCSB.

    Join the discussion here

  • FireEye Presents - Cybersecurity & Safety for Families - 10/7/2020 1PM

    Ric Messier, CCSP, GCIH, GSEC, CEH, and CISSP, Author, Educator, Senior Security Consultant at FireEye Mandiant

    The fully-connected, digital world has made it a lot easier for the bad guys to attack us in ways we have never had to deal with before. It’s not just e-mail anymore. It’s Snapchat and Facebook and Twitter and text messages and so many other communications avenues. It’s important for all families to understand how criminals are trying to get at them through these pathways that have allowed for unprecedented levels of communication between humans around the world. This presentation will cover the following topics:

    • Who is after you?
    • What do these attacks look like?
    • How do you protect yourself from them?
      • E-mail
      • Social networking
      • Voice and messaging

    Register here

  • Barrett Lyon Presents: Understanding Security Through Visualization of the Metaphysical - 10/8/2020 2PM

    When it comes to security practitioners, there are different learners - visual and contextual. Traditionally in security, users interact with the network architecture in a non-visual way. But for security practitioners that learn by seeing, it becomes difficult to really understand what is happening on their networks.

    Realizing this, technologists are slowly shifting to create interfaces and data in visually useful forms, leveraging art in ways that give visual learners the ability to do their job better.

    Learn more and register

  • Box Security & Usability Tips - 10/9/2020 9AM-10AM

    Hosted by UCSB.

    Join the discussion here

  • How Smart are Smartcards? A Hacker Perspective on Those Plastic Cards - 10/12/2020 Noon-1PM

    We all carry smartcards in our wallets.  We use them to purchase things (credit cards), gain access to buildings (employee ids), identify who we are (passwords).  What is this black magic that gives these pieces of plastic so much power?  Why do some cards have little metal pads on them and the others just require you to “tap?”  Is any of these actually secure?  How was my credit card number stolen?  Maybe these are questions that you've asked yourself regularly, or are facing them for the first time right now.  Either way, aren’t you curious?

    Join the discussion here

  • UC Fall 2020 Cyber Security Summit - 10/14/2020 TBD

    The Fall UC Cyber Security Summit will be held online on October 14th. We are excited about sharing our collective expertise in order to better safeguard UC’s mission of teaching, research, and public service. 

    Registration required: Register here

  • FireEye Presents - Election Safety with Jon Ford, Mandiant, Cybersecurity Expert, and Professor - 10/15/2020 1PM

    Cyber criminals and bad actors can create chaos in state and local voting and election systems. Mandiant provides election security to over 100 jurisdictions across the United States to better prepare against election security threats. To develop solutions and security programs to counter cyber threats to elections, government agencies have leaned on industry experts with frontline experience to protect our democratic elections.  

    Register here

  • Hacker Stories with Chris Hadnagy - 10/16/2020 1PM

    Chris specializes in understanding how malicious attackers exploit human communication and trust to obtain access to information and resources through manipulation and deceit. His goal is to secure companies by educating them on the methods used by attackers, identifying vulnerabilities, and mitigating issues through appropriate levels of awareness and security.

    Register here

  • Doing Our Part to Stay Cyber-Safe with Joseph Oregon, Cybersecurity Advisor, Dept of Homeland Security - 10/16/2020 1PM

    As we adjust our personal, professional and educational lives around COVID-19, we need to be mindful about the threats that still lurk online. Join us and our guest Mr. Joseph Oregon from the Department of Homeland Security’s newly created agency to address cyber and physical risk, the Cyber Security Advisor for the Cybersecurity and Infrastructure Security Agency (CISA) as we discuss how to do our Part to stay cyber-safe.

    Register here

  • What is Hacking, Really? Insights into Breaches and Exploits - 10/19/2020 Noon-1PM

    “Hackers” have become emblazoned in our society.  They dominate news headlines, are featured in prominent Hollywood movies, and have become larger than life -- instilling fear in IT professionals and awe in many young computer scientists.  Who are these people, what does it mean “hack” something, and what the heck is a binary?  Surely, you have seen a news headline that talks about hackers stealing data, taking over cars, or disrupting power plants and thought to yourself, “how did they do that; is that even possible?”

    In this talk, my goal is to convince you that “hacking” isn't that hard, and try to tease apart fact from fiction with respect to hackers.  I will highlight some hacking techniques and show you how to “own” a computer.  We will explore some of the technical limitations of our current computing systems and why they are exploitable.  Finally, I will walk you through a simple example of binary exploitation, and how you can make a program do things it wasn't intended to do.  At the end of this talk, you should be able to read news headlines with sufficient skepticism and, in some rare cases, considerable respect for the hacker’s skills.

    Join the discussion here

  • Cyber Escape Room Online - Beginning 10/19/2020

    Imagine experiencing a security awareness escape room with your entire team...all while you work from home. Introducing CyberEscape Online from Living Security. A remote training experience like no other.

    Watch the Trailer for more information.

    Details are coming soon! Check the UCOP NCSAM Pagefor updates.

  • Women in Cybersecurity - A Panel Discussion - 10/20/2020 Noon-1PM

    This year, the highlight of the NCSAM at UC Merced will be our "Women in Cybersecurity" panel moderated by AVC and CIO, Ann Kovalchick. Panelists will give their unique perspectives on the triumphs and challenges women face in the world of cybersecurity. The discussion will  be followed by a Q&A session to answer your questions. Register as soon as possible to attend!

    Panelists:
    •    Sureyya Tuncel, Information Security Analyst UC Riverside
    •    Trinh Ngo, Senior Manager IT Compliance Blue Shield of California
    •    Kathleen Bodi, Information Security Analyst UC Merced

    Moderator
    •    Ann Kovalchick, Associate Vice Chancellor and Chief Information Officer at University of California, Merced.

    Register Here

  • FireEye Presents - Elevate: Cybersecurity & Diversity in the C-Suite and the Boardroom - 10/20/2020 1PM

    Although diversity in the c-suite and the boardroom is improving, there is more work to be done. Alexa will discuss opportunities that exist for women in cybersecurity, diversity in the boardroom and the importance of mentorship.

    Register here

  • Keeping Children Safe Online - 10/21/2020 10AM

    Join us for Living Security's Live Webinar diving into keeping children safe online. Mark your calendars and register to attend this informative event. 

    Register here

  • Cyber Threatscape with FBI Special Agent, Michael Sohn - 10/22/2020 2PM

    Understanding what the cyber threats are to UCI Faculty and Students.  The FBI will share its perspectives on the cyber threat landscape, and will provide tips to protect for protecting ourselves fom them.

    Register here

  • The State of Authentication with Chad Spensky, Founder & CEO - Allthenticate - 10/22/2020 4PM-5PM

    Chad is a computer security researcher, entrepreneur, and educator who is passionate about using technology to make people’s lives easier and their digital systems more secure. Chad has more than 10 years of research experience and is a lifetime hacker. Formerly, he was a member of the technical research staff at MIT Lincoln Laboratory and has since continued to help them solve of the some of the Department of Defense's toughest cyber-security problems. He received his Ph.D. from the University of California, Santa Barbara in 2020 (thesis title: Securing and Analyzing Embedded Systems). He also possess a M.S. in computer security from the University of North Carolina at Chapel Hill, as well as a B.S. in mathematics, a B.S. in computer science, and a minor in economics from the University of Pittsburgh. As a hacker and capture the flag player himself, he is well aware of how attackers think and strongly believes that it takes a great offense to build a solid defense. He plans to use his experience and expertise to create a world that is more secure and more pleasant to interact with.

    Join the discussion here

  • Box Security & Usability Tips - 10/23/2020 9AM-10AM

    Hosted by UCSB.

    John the discussion here

  • Current Trends in K-12 and Higher Education Cybersecurity Issues and Risk Mitigation - 10/23/2020 10AM-11AM
  • Fish Sticks Comedy - Security Improv - 10/23/2020 1PM

    Fish Sticks Comedy is one of the largest, always all-age appropriate improv comedy teams in the US... Their mission — to bring people closer to each other and their communities through comedy improv. They will make our cheeks hurt from laughing, and do more than entertain. They will create a UC community experience through their unique Cybersecurity Improv! Please join us.

    Register here

  • Are My (Internet of) Things Vulnerable? A Look at the Security of Embedded Systems - 10/26/2020 Noon-1PM

    Embedded systems, little single-purpose computers, have entrenched themselves into every aspect of modern life.  While this is mostly good news because it enables amazing functionality (e.g., self-driving cars, smart homes, and the world’s information at our fingertips), it does raise one major question, “Is this stuff secure?”  Conspiracies abound with Smart Assistants, “Hey Siri, are you eavesdropping on me?”  “Hey Google, are you collecting my data?”  And almost mythical stories have arisen of hackers taking over refrigerators, power plants, and even planes.  Are any of these outlandish claims even possible?

    In this talk, I will explain how embedded systems are built, and what kind of security concerns they face.  Then, we will discuss some interesting real-world attacks and learn how difficult it really is to build a “secure” embedded system.  Finally, I will walk through a few real attacks and see what is being done to defend these systems in practice.  Ideally, after this presentation you will understand that these embedded systems are not-so-different from your laptop, but how these subtle differences radically change the game from a security perspective.

    Join the discussion here

  • Zoom Security & Cool New Features - 10/28/2020 10AM-11AM

    Hosted by UCSB.

    Join the discussion here

Phishing

What is email phishing?

With electronic mail being a mainstay of personal and professional communication, malicious actors often utilize email in an attempt to steal personal or private information. Phishing emails are crafted to look legitimate but contain malicious programming or content used to capture sensitive data, which can put you and your workplace at risk.

How do I identify email phishing?

Fortunately, there are simple ways to spot a phishing email. Here are some warning signs to look out for:

  • Bad grammar or punctuation
  • Strange fonts or paragraph spacing
  • Slightly modified email addresses
  • Forms that ask for sensitive information like usernames and passwords Links to strange websites Requests for money from what appears to be a “trusted” person
  • Language that creates a sense of urgency or ultimatum (i.e., "If you do not respond immediately you will be sent to collections")


For more information on identifying phishing emails, check out our Tips for Spotting Phishing Emails aid.

ITS Email Phishing Awareness Campaign

Over the past few months, ITS has been running a campaign to increase awareness of phishing by sending lure emails to campus users. Each of the emails provided a learning opportunity to help the recipient identify malicious emails in the future.

Phishing Emails


Videos

The videos below show each of the emails that were sent to campus users and what the issues with the emails were. You can view any of the videos by clicking one of the links below:

To see a recap of our phishing campaign and how well UCR did compared to other organizations, view the recap video below:


Additional Resources

CyberSmart Tips
 

Mouse

Take extra care before opening emails or clicking on links that seem suspicious. If it looks odd or too good to be true, it probably is. Email phishing is a very common method hackers use to access protected systems.
 

 

Padlock

Be sure to use UCR’s VPN at https://campusvpn.ucr.edu when working. You can find VPN guidance in our ITS Knowledge Base (kb.ucr.edu - search ‘VPN’).
 


 

Progress Bar

Ensure your devices are running the latest software updates. This includes updating your mobile phones, tablets, computers, Wi-Fi routers and any other Internet-attached devices

 

Email

Keep ITS in the loop! If you receive a suspicious email, send it as an attachment to abuse@ucr.edu. You can find step-by-step instructions in the Knowledge Base (kb.ucr.edu - search ‘email phishing’)

Want to take part in UCR's efforts to promote National Cyber Security Awareness Month?
 

NCSAM UCR Zoom Background

Download the UCR custom NCSAM Zoom background and use it in your Zoom calls.

Concerned about an email?
 

Warning

If you’re concerned about the legitimacy of an email, we encourage you to:

  • Create a new email and send it to the official UCR address of the purported sender to verify its legitimacy (visit UCR Profiles for official contact information)
  • Pick up the phone and call the purported sender to verify its legitimacy
  • If you have considered the above steps and believe the email to be phishing, notify the ITS Information Security Office by providing the suspicious email as an attachment in your email to abuse@ucr.edu (view step-by-step instructions on the ITS Knowledge Base: KB0011368)

Need IT Support?

The BearHelp team is happy to assist!
 

Support Logo

Submit a Support Ticket
or call 951-827-4848 (IT4U)