This week OIT will be rolling out a new email security service, 称为异常安全, to help protect personal information and university data. Abnormal Security further prevents email attacks that exploit human behavior such as phishing, social engineering and account takeovers. Abnormal Security only reviews emails that pass Microsoft’s 365 quarantine and so is an addition to our email environment and is in direct response to campus feedback about the desire for improved email security as we continue to be impacted by cyber-attacks.
为什么现在需要这个?
- It takes on average 28 seconds from a phishing email’s arrival to a successful phish (Verizon DBIR 2024). On a recent 8月ust Saturday evening at 11:47pm, a phishing attack was launched against CU Boulder and within 65 minutes, 254 CU Boulder accounts were compromised because they fell for this attack. Such attacks put personal and university data at risk.
- 过去一年, CU Boulder students have lost thousands of dollars to phishing attacks while faculty and staff have had their paychecks impacted, 失去对个人数据的控制, and had their accounts used to attack students and other faculty and staff members.
- During the past six months while OIT was piloting the service, Abnormal Security detected and would have stopped 793,000 advanced attacks from reaching members of our campus community including the recent 8月ust attack.
- The start-of-semester time frame historically sees a significant spike in attempted attacks.
- For questions regarding Abnormal please contact: oithelp@highland-co.com or 303-735-4357
这对教员有什么风险?
- During the six-month pilot, OIT has seen a 0.0004% false positive rate out of all emails arriving to CU Boulder. A false positive is when an email is incorrectly identified as malicious and blocked. Abnormal Security is an additional layer on top of the Microsoft 365 quarantine service.
- What is OIT doing to prepare for false positives? OIT reviews Abnormal Security logs daily for false positives, proactively contacts recipients if a suspected false positive is discovered, and continues to train the system to reduce this possibility.
- OIT met with other universities who have implemented Abnormal Security and ensured our practices around reporting phishing and inquiring about suspected missing emails is in line with best practices.
- OIT can always be contacted by any faculty, student or staff who believe an email they were expecting was not received. If the email was stopped because of Abnormal Security, it can be recovered if reported to the IT Service Center within 30 days of expected receipt.
- OIT and Abnormal Security continue to train the system and measure false positives to continue to reduce the 0.0004% rate further to best support and protect the campus community.