Cybersecurity in the time of coronavirus
27 Mar 2020
As the novel coronavirus (COVID-19) situation unfolds, USC is continuing to develop strategies to protect the USC community. A key approach to protecting our staff and students is the transition to technology-enabled learning and teaching. However, with any increase in the use of remote access technologies, there is a consequent increase in the risk that malicious threat actors will seek to take advantage of potential security vulnerabilities.
USC’s IT department is working hard to uplift our existing cybersecurity measures in anticipation of the higher demand for remote access technologies. But we need your help. Just as you are practising personal hygiene to reduce the spread of coronavirus, we need you to practice 'cyber hygiene' and become your own personal 'human firewall'.
'Cyber hygiene' involves taking personal responsibility for implementing best practice cybersecurity measures in your online environment. This may mean choosing strong passwords, the timely 'patching' of the software on your devices and refraining from clicking on links or attachments in unexpected email communications. By practising good cyber hygiene, you can become a 'human firewall' against phishing and other scams.
Adopting a best practice approach to cybersecurity becomes more challenging outside the physical university environment. Here are some recommendations for maintaining cybersecurity in a time of coronavirus:
- Beware of Coronavirus-themed scams. Free Netflix pass to help you pass the hours in self-isolation? World Health Organisation seeking personal information and direct donations? Payments for voluntarily self-isolating during the crisis? Text messages on COVID-19 testing in your geographical area? These are all examples of coronavirus-themed scams doing the rounds in Australia. The USC community is encouraged to remain vigilant and alert to the increased risk of phishing emails, telephone calls, SMS messages and instant messaging. If you are not sure whether a message is legitimate, do your own research and independently explore alternative contact methods for the sender. Remember that good organisations do not ask you to 'prove' who you are – your financial institution and government organisations will not generally send you a link asking you to enter your personal or financial details.
- Practice timely patching and updating of your personal software. Software patches and updates are designed to fix flaws in older versions of software, including potential cybersecurity vulnerabilities. The Australian Cyber Security Centre recommends enabling automatic software updating and applying manual updates as soon as practical – see Patching and Updating for more information.
- Lock down your home Wi-Fi. If you are working remotely, ensure you are using secure password-protected Wi-Fi. For further guidance on how to secure your internet connection, visit Wi-Fi and internet connections.
- Choose strong passwords. Passwords are a first line of defence to protect your information from malicious third parties. Your passwords should therefore be strong and a secret that only you know. For advice on creating and managing strong passwords, visit Passwords and passphrases.
- Use anti-virus software. Anti-virus software monitors and protects your personal computers and other devices from cybersecurity threats such as malware. It is therefore crucial that you install and update anti-virus software on your personal devices. For more information on selecting and using anti-virus software, visit Anti-virus software.
For more tips on online etiquette and digital security, visit Stay smart online.