Thousands of attempts are made to attack the university every day. People with malicious intent try to obtain data with phishing emails and hacking attempts. The majority of these attacks are prevented by our security systems, such as Multi-Factor Authentication (MFA), which means logging in in multiple steps.

Data breaches at other companies

MFA ensures that people are unable to log in to our systems even if they do get their hands on your login credentials, which does happen. The ICCS is notified of data breaches that include university mail addresses. They know, for example, that university email addresses are regularly used to create accounts outside the university, often using the same password out of convenience. If that data ends up in the wrong hands and there is no MFA, anyone with malicious intent will be able to access our data in one fell swoop. The same is true if you end up falling for a phishing mail. MFA makes your data less vulnerable.

Stepping stone to larger attacks

The criminal’s goal is not necessarily to get their hands on your login information or data. That is more likely a stepping stone to a larger attack. Obtaining other data, for example, or carrying out a ransomware attack. This involves encrypting data and demanding a ransom to restore access to your data. On average this causes 21 days’ downtime, which can have a huge impact. Teaching or research that has to be cancelled, for example. And the effect of such attacks can be months or even years.

What can you do?

The university is paying extra attention to cybersecurity throughout June. You will find tips on security at work on the website. Always lock your screen, for example, even if you are only going to get a cup of coffee. Watch out for phishing emails, use strong passwords and safe tools and think twice before sharing anything.

Image: Nanda Alderliefste