The Institutional Impacts of a Cyberattack

Higher education is facing an exponentially growing threat: Cyberattacks. Check Point Software reports educational institutions experienced an average of 2,507 cyberattack attempts per institution per week in the first three months of 2023 alone! Universities and colleges are at a high risk of suffering a data breach or a ransomware attack because the amount and types of data created and stored is extremely valuable to cybercriminals–data like student records, banking information, protected health information, and research data. Restricted data falling into the wrong hands can be devastating for UF, its constituents, to university business partnerships, and for funding from federal and state agencies. The welfare of the campus community and even our recruitment capabilities are all on the line.

Information security is our shared responsibility! Faculty, students, and staff must all be aware of what’s at stake, and do their part to help protect UF from cyberattacks. According to a 2023 IBM Security report, data breaches initiated through compromised credentials (such as GatorLink login information) take the longest for institutions to resolve and can be incredibly costly. Help prevent data breaches by practicing caution when opening any email received in your GatorMail marked [EXTERNAL EMAIL]. These emails come from outside the UF organization and could potentially be phishing attempts. Pay close attention to any email requesting your GatorLink login or other personally identifiable information, and report suspicious messages directly to UFIT with the phish alert report button in the top right corner of your GatorMail.

UFIT’s Information Security Office’s website has recently refreshed its online presence with new resources. Take some time to visit https://security.ufl.edu/protect-yourself/social-engineering/ and learn about different types of cyberattacks and some best practices for protecting yourself…and UF.

The Personal Cost of a Cyberattack

The digitalization of our lives leaves us vulnerable to malicious attempts from cybercriminals to steal, expose, or destroy our personal and sensitive information through cyberattacks. As new technologies evolve, so do the tactics used to target individuals, including ransomware, credential theft, and more sophisticated social engineering scams. These attacks are increasing worldwide, with Check Point Research revealing a 38% global increase from 2021 to 2022 — affecting an average of one in three Americans.

So, what could a cyberattack cost you? Research from the Centre for Counter Fraud Studies found victims of cybercrime experience psychological impacts, such as anxiety, anger, and embarrassment, even if the attack didn’t result in monetary loss. A compromised account or hacked device can quickly escalate from an inconvenience to a financial stressor. Phishing, the top reported cybercrime to the FBI in 2022, cost victims an average of $173 per attack. UFIT’s Secure the Swamp video highlights the experiences of three UF students who fell victim to phishing attacks, with one attack resulting in their financial aid being stolen.

A common theme amongst malware and phishing attempts is malicious links and the attacker’s use of personally identifiable information that tricks you into giving your password. You can use GatorMail’s URL decoder to make sure the site you plan to visit is safe. And remember: No one from UF will ever ask you for your GatorLink password!

A cyberattack can disrupt your life with serious repercussions. The best way to protect yourself from a cyberattack is to be informed and practice safe cyber routines. View UFIT’s resources on the best practices to help protect yourself from malicious cyber activity.

Identifying Deepfake Videos

Misleading content online becomes more sophisticated with each technology advancement. One type of “fake news” becoming more prominent across all social channels is the deepfake, a video that’s been modified to make the subject appear to be doing or saying something they did not.

Deepfake videos are made to fool viewers for a variety of reasons including political agendas, financial gain, to embarrass someone or a group, or to use for blackmail. Public figures can be made to say things they never said, inciting viewers or followers to think a certain way and take action based on misinformation. A viral deepfake video supposedly of Tom Cruise has more than a million views. Here’s a breakdown by the video’s creator on how he utilized AI to construct the video: DeepTomCruise TikTok Breakdown.

It is possible to identify some deepfake videos by noticing changes in skin tone, jerky facial movements, or lip movements that do not match dialogue. But as the technology improves these clues could become even harder to spot. If you have concerns about the authenticity of a video purporting to be from UF, please contact the department posting the video or send your concern to the UFIT Help Desk.