Original message sent from Larry Conrad and Nils on 11/2/2015.



Cyber Security Awareness Training
Nils Gilman Associate Chancellor Chief of Staff Interim LDO <calmessa...@berkeley.edu>
11/2/15
to Faculty;

*(sent on behalf of Associate Chancellor and Berkeley Cyber-Responsible
Executive, Nils Gilman, Associate Vice Chancellor for IT and Chief
Information Officer, Larry Conrad, and Assistant Vice Chancellor - Human
Resources and Chief Human Resources Officer, Jeannine Raymond)*

Dear Colleagues:

*What is happening?*
As part of system-wide efforts to address the increasing threats to the
security of our information systems and data, on display in a variety of
data breaches which have happened across the system in recent months, a
comprehensive security awareness training program is being rolled out for
all UC staff and faculty. Each member of the University community has a
responsibility to safeguard the information assets entrusted to us. At UC
Berkeley, phishing attacks and stolen CalNet credentials remain the top
threats to our individual and institutional online security. We need
greater awareness and vigilance by each member of the campus community to
reduce these and other key exposures to the security and privacy of our
data and systems.

*What do I need to do?*
Starting Monday, November 2nd, all employees on payroll with active status
will be required to complete the Cyber Security Awareness Training. The
training must be completed by January 31st, 2016 and within 6 weeks for any
subsequent new hires. This will be required annually.

*Where is training available?*
This training is video based, and delivered online through our UC Learning
Center’s website. You will receive an email notification soon with
instructions on how to access the training. Each module will focus on a
specific security topic, conclude with three questions to test
comprehension, and overall the training should take approximately 50
minutes to complete in total.

*Why do I need to do this?*
This training program will better prepare all of us to fulfill this
responsibility and to strengthen our defenses against future attacks.
Studies have shown that a substantial number of cyber attacks involve the
unintended actions of users of information systems, and this risk can be
significantly lowered through an effective security awareness training
program.

Protecting our data and information systems is a shared responsibility of
us all. I am confident that together we will develop a strong culture of
defense against cyber-risk.

*Questions?*
For more detail on information security resources please visit UC
Berkeley’s Information Security and Policy website
<https://security.berkeley.edu/>. A Frequently Asked Questions webpage
<http://hrweb.berkeley.edu/cyber-security-training-faq> can also be
accessed through the HR website.

Sincerely,

Nils Gilman
Berkeley Cyber-Responsible Executive,
Associate Chancellor and
Chief of Staff to the Chancellor

Larry Conrad
Associate Vice Chancellor for IT and
Chief Information Officer

Jeannine Raymond
Assistant Vice Chancellor - Human Resources and
Chief Human Resources Officer
------------------------------



*If you are a manager who supervises UC Berkeley employees without regular
email access, please circulate this information to all.*

*Please do not reply to this message*

On Tue, Jan 19, 2016 at 1:26 PM, David Nguyen <d...@berkeley.edu> wrote:

> Hi All, this is not phishing. Ironically it's an automated email
> notification that went out to anyone who hadn't completed the UCOP mandated
> Cyber Security training....you know that email from Janet Napolitano and
> then again from Nils Gilman back in November.
>
> On Tue, Jan 19, 2016 at 1:23 PM, Christopher Brooks <c...@eecs.berkeley.edu>
> wrote:
>
>> I followed up with various people about this.
>>
>> TL;DR: This message really, really looks like spearphishing.  Anyone who
>> clicks on those links really needs the training.  Various people complained
>> to various other people, who knows if the problem will continue.
>>
>> Details:
>>
>> The email message was especially dangerous because it had a deep link
>> that ended up at the CalNet login page.
>>
>> In addition, the headers were classic, the message had a From: line from
>> a Berkeley address, yet the lines above were not Berkeley machines.  The
>> next time this happens, I'll follow up with consult@berkeley about why
>> this message was not rejected.
>>
>> I emailed security@berkeley and I was told that ISP contacted UCOP and
>> asked them to not send this sort of message.
>>
>> In addition, my faculty member supervisor (who was also cc'd for each
>> employee and student) contacted the Vice Provost, who was happy to hear
>> from faculty about this issue.  Presumably, the Vice Provost also followed
>> up with someone.
>>
>> I've been forwarding messages like this to security@berkeley, who
>> respond promptly and are sympathetic, but don't always take direct action.
>>
>>
>> https://security.berkeley.edu/faq/phishing/how-do-i-report-phishing-or-suspicious-email
>> says:
>>
>> How do I report a Phishing or suspicious email?
>>
>> If you receive an email you are not sure about, *forward* the suspicious
>> email -- *don't reply* -- to cons...@berkeley.edu (link sends e-mail)
>> <cons...@berkeley.edu> or call the CSS-IT Service Desk at 510-664-9000.
>> The email can be blocked from the campus system to prevent others from
>> falling victim to the Phishing attack.
>>
>>
>> After chasing a few spearphishing messages down, my current thinking is
>> that the correct procedure is to email the person who sent the message and
>> educate them as to the problem.  I have not been cc'ing consult@berkeley,
>> so I'll probably start doing that.
>>
>> I think that by and large, senders of spearphishing messages are amenable
>> to changing their ways.  Recently, I corresponded with someone who had been
>> sending spearphishing email messages via a CRM service and the next message
>> that they sent did not include links that said .berkeley.edu, but pointed
>> elsewhere.
>>
>> So, it is possible to get traction.
>>
>>
>> The details about the cyber security training may be found at
>>
>>
>> http://link.ucop.edu/2015/10/12/complete-cyber-security-awareness-training-by-jan-31-2016/
>>
>> http://hrweb.berkeley.edu/news/cyber-security-awareness-training
>>
>> While I think this is a good idea, it is clear that the operators of the
>> mailing list have not taken the course.
>>
>> This is like getting a moving violation and on your way to driver's ed.,
>> the car behind you tailgates you, hits the car next to it while parking,
>> the driver smells like alcohol and then it turns out that is the driver's
>> ed. instructor!
>>
>> Here's an exercise for extra credit:
>>
>> Is it ethical to take such a poorly implemented class?
>>
>>
>> _Christopher
>>
>>
>>
>> On 1/19/16 12:36 PM, Greg MERRITT wrote:
>>
>> You never can be too careful with spam! ;)
>>
>> [image: Inline image 1]
>>
>>
>> -Greg
>>
>>
>>
>>
>>
>> -------------------------------------------------------------------------
>> The following was automatically added to this message by the list server:
>>
>> To learn more about Micronet, including how to subscribe to or unsubscribe 
>> from its mailing list and how to find out about upcoming meetings, please 
>> visit the Micronet Web site:
>> http://micronet.berkeley.edu
>>
>> Messages you send to this mailing list are public and world-viewable, and 
>> the list's archives can be browsed and searched on the Internet.  This means 
>> these messages can be viewed by (among others) your bosses, prospective 
>> employers, and people who have known you in the past.
>>
>> ANNOUNCEMENTS: To send announcements to the Micronet list, please use the 
>> micronet-annou...@lists.berkeley.edu list.
>>
>>
>> --
>> Christopher Brooks, PMP                       University of California
>> Academic Program Manager & Software Engineer  US Mail: 337 Cory Hall
>> CHESS/iCyPhy/Ptolemy/TerraSwarm               Berkeley, CA 94720-1774
>> ...@eecs.berkeley.edu, 707.332.0670           (Office: 545Q Cory)
>
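
The two tells described in the thread above (a campus From: address on a message relayed by non-campus machines, and link text that shows a campus host while the href points elsewhere) can be checked mechanically. This is an added example, not part of the original thread or any campus tooling; `example.edu` stands in for the campus domain, and the sample message, hosts and function names are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed sample: example.edu stands in for the campus domain; all hosts are made up.
RAW = """\
Received: from bulk7.mailer.example.com (bulk7.mailer.example.com [198.51.100.7])
 by mx1.example.edu with ESMTP; Tue, 19 Jan 2016 12:00:00 -0800
Received: from app3.mailer.example.com (app3.mailer.example.com [198.51.100.3])
 by bulk7.mailer.example.com with ESMTP; Tue, 19 Jan 2016 11:59:58 -0800
From: Training Notices <notices@example.edu>
Content-Type: text/html

<p>Log in at <a href="https://lms.vendor.example.com/login">https://training.example.edu/</a></p>
"""
A_TAG = re.compile(r'<a\b[^>]*\bhref="([^"]*)"[^>]*>(.*?)</a>', re.I | re.S)

def in_org(host, org):
    host = host.lower().rstrip(".")
    return host == org or host.endswith("." + org)

def host_of(url):
    try:
        return urlsplit(url.strip()).hostname or ""
    except ValueError:  # malformed URL text
        return ""

def relay_hosts(msg):
    # Host in the "from" clause of each Received header, newest first. Only the
    # header stamped by your own MTA is trustworthy; older ones are sender-supplied.
    found = (re.match(r"\s*from\s+([\w.-]+)", v) for v in msg.get_all("Received", []))
    return [m.group(1).lower() for m in found if m]

def findings(raw, org):
    msg, out = message_from_string(raw), []
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    outside = [h for h in relay_hosts(msg) if not in_org(h, org)]
    if in_org(sender, org) and outside:
        out.append(("from-vs-relay", sender, outside))
    # Simplified anchor match for this example; use an HTML parser on real mail.
    for href, text in A_TAG.findall(msg.get_payload()):
        shown, real = host_of(text), host_of(href)
        if in_org(shown, org) and not in_org(real, org):
            out.append(("link-text-vs-href", shown, real))
    return out

if __name__ == "__main__":
    print(findings(RAW, "example.edu"))
```

The Received comparison is a heuristic for triage; the SPF, DKIM and DMARC results recorded by the receiving mail server are the authoritative sender checks.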
 