Skip to content

Category: Audience

Published on

CyberSafe Travel

The middle of summer is when most people decided to take vacation or holiday, so July marks Travel Security Awareness Month. The peak of travel season is a great opportunity to remind people to prioritize both physical and cyber security while traveling. Whether for business or leisure, travelers should remain vigilant in unfamiliar locations, be aware of their surroundings, and exercise caution when using public transportation or exploring new areas. Securing belongings, using reputable transportation services, and staying informed about local safety conditions are essential steps. On the cyber front, travelers must be careful using public Wi-Fi networks, as they can be susceptible to cyberattacks. Be sure to secure your cell phone, use virtual private networks (VPNs)enabling multi-factor authentication, and updating software. These are critical things you can do to protect against cyber threats, especially when traveling.

Cyber Talk – CyberSafe Travel

GW IT Security Risk and Assurance CyberSafe Travel Webinar Wednesday July 9, 2025, 3:00 PM to 4:00 PM Register Now for the Zoom Session  (GW Community)

Cyber Secure Traveling – Guide

Resources provided to the GW community on secure travel including links to previous Cyber Talks on staying CyberSafe while traveling.

unofficial GW hippo mascot holding a lockThis content is presented by the GW IT Cybersecurity Risk and Assurance team. Maintaining a #CyberSafeGW is a shared responsibility, if you see something, say something. Report suspicious digital activities, including phishing emails, to abuse[@]gwu.edu.

IT Support Questions? For IT support, please contact the Information Technology Support Center at 202-994-GWIT (4948), ithelp[@]gwu.edu, or visit ithelp.gwu.edu

Published on

Cyber Essentials Deepfakes Video Posted

Video: Cyber Essentials - Deepfakes (2 min)

Deepfakes and social engineering are becoming increasingly sophisticated threats to organizations. Cybercriminals use AI to create convincing fake videos or manipulate people into revealing sensitive information. Learn to spot the warning signs of these deceptions and protect your organization’s reputation, finances and data.

This and other resources are available from links on the Blog site as well as directly on myGW in the CyberSafe GW group - Resources folder.

unofficial GW hippo mascot holding a lockThis content is presented by the GW IT Cybersecurity Risk and Assurance team. Maintaining a #CyberSafeGW is a shared responsibility, if you see something, say something. Report suspicious digital activities, including phishing emails, to abuse[@]gwu.edu.

IT Support Questions? For IT support, please contact the Information Technology Support Center at 202-994-GWIT (4948), ithelp[@]gwu.edu, or visit ithelp.gwu.edu

Published on

CIA triad - Importance and Best Practices

The CIA triad stands as one of the fundamental models used to guide policies and strategies for protecting information.

The “CIA” in the triad stands for Confidentiality, Integrity, and Availability — three primary objectives that organizations must ensure to safeguard their data, communications, and infrastructure from malicious attacks and accidental breaches.

These three pillars are essential in maintaining a secure and reliable network, making the CIA Triad a cornerstone of modern cybersecurity practices. (from Cyber Security News ) (15 minutes read)

A five slide presentation has been posted outlining highlights of the CIA triad and what to focus on when considering how to prioritize cybersecurity measures based on the triad. Short presentation in PDF format  (5 minute review).Best practices also noted below:

Best Practices for Ensuring Confidentiality

  • Secure Sensitive Data in transit and at rest with strong encryption
  • Implement Multi-Factor Authentication access controls
  • Regular Access Control Audits ensure only authorized users can access sensitive data
  • Increase Cyber Awareness on phishing / social engineering attack dangers

Best Practices for Ensuring Integrity

  • Use Cryptographic Hash Functions (e.g., SHA-2) to verify data integrity
  • Employ Digital Signatures for essential communications and transactions
  • Implement Encrypted Data Backups
  • Audit backup recoverability
  • Deploy Malware Detection Systems to prevent unauthorized modifications to data.

Best Practices for Ensuring Availability

  • Patch Systems and Applications to prevent failures
  • Implement Redundancy and Failover Mechanisms to ensure continuous operation during failures
  • Develop and Rehearse Disaster Recovery plans to minimize downtime in case of emergencies

Continued vigilance is critical to maintaining a CyberSafe GW!

unofficial GW hippo mascot holding a lockThis content is presented by the GW IT Cybersecurity Risk and Assurance team. Maintaining a #CyberSafeGW is a shared responsibility, if you see something, say something. Report suspicious digital activities, including phishing emails, to abuse[@]gwu.edu.

IT Support Questions? For IT support, please contact the Information Technology Support Center at 202-994-GWIT (4948), ithelp[@]gwu.edu, or visit ithelp.gwu.edu

Published on

TSA warns of 'Juice Jacking' 

Some FCC tips to avoid “juice jacking” include:

  • Using AC power outlets can help you avoid any potential risks, so be sure to pack AC, car chargers, and your own USB cables with you when traveling.
  • Carry an external battery.
  • Consider carrying a charging-only cable, which prevents data from sending or receiving while charging, from a trusted supplier.
  • If you plug your device into a USB port and a prompt appears asking you to select “share data,” or “trust this computer,” or “charge only,” always select “charge only.”

Contact the GW Cybersecurity Team at infosec[@]gwu.edu for information about no cost USB data blockers available for the GW community.  Pick one up in person at the GW's Data Summit Event Tuesday June 10!

Continued vigilance is critical to maintaining a CyberSafe GW!

unofficial GW hippo mascot holding a lockThis content is presented by the GW IT Cybersecurity Risk and Assurance team. Maintaining a #CyberSafeGW is a shared responsibility, if you see something, say something. Report suspicious digital activities, including phishing emails, to abuse[@]gwu.edu.

IT Support Questions? For IT support, please contact the Information Technology Support Center at 202-994-GWIT (4948), ithelp[@]gwu.edu, or visit ithelp.gwu.edu

Published on

The FBI’s Internet Crime Complaint Center, or IC3 published the 2024 Internet Crime Report containing internet crime statistics.

As the following graphic from the report depicts, overall complaints were down but financial losses continued to increase.

FBI 2024 IC3 report showing trend of complaints and losses since 2020

(source 5-year trend in complaints and losses, source: FBI IC3 2024 Report page 7)

Another interesting highlight from the report is the breakdown of complaints and losses by age group.

FBI IC3 2024 Report - Intern Crime Reports by Age Group

(source: 2024 complaints by age group, source: FBI IC3 2024 Report page 8)

The aggregate complaint and losses are reflected in the overall trend graphic above from page 7 of the report.  Keeping in mind there are increasing financial losses, the number of reported complaints by attack type does show some interesting (positive?) trends.  Phishing/Spoofing complaints have dropped each year for the past 3 years, while the loss attributed to Phishing/Spoofing more than tripled in 2024 compared to 2023. Personal data breach complaints and loss doubled.  The Extortion category items shows a doubling of complaints and losses year to year.  These and other categories and losses are presented in greater detail on pages 18 & 19 where 3-year trends are detailed by attack type (e.g. personal data breach - increasing unfortunately) and financial impact (e.g. personal data breach reaching almost 1.5 billion).

Continued vigilance is critical to maintaining a CyberSafe GW!

 

unofficial GW hippo mascot holding a lockThis content is presented by the GW IT Cybersecurity Risk and Assurance team. #SecuringGW is a shared responsibility, if you see something, say something. Report suspicious digital activities, including phishing emails, to abuse[@]gwu.edu.

IT Support Questions? For IT support, please contact the Information Technology Support Center at 202-994-GWIT (4948), ithelp[@]gwu.edu, or visit ithelp.gwu.edu

Published on

Announcing enhanced resource and learning content landing page Learning Resources for Cyber Security Awareness on the GW Infosec Blog.  The new page links to subject specific pages that contain a growing list of recorded Cyber Talks, third-party provided videos, as well as learning platform-based materials (e.g. Talent@GW).  The new content will be reviewed during the Thursday May 15 Cyber Talk – Professional Development Plans - IT Security Training Ideas (registration link).

unofficial GW hippo mascot holding a lockThis content is presented by the GW IT Cybersecurity Risk and Assurance team. #SecuringGW is a shared responsibility, if you see something, say something. Report suspicious digital activities, including phishing emails, to abuse[@]gwu.edu.

IT Support Questions? For IT support, please contact the Information Technology Support Center at 202-994-GWIT (4948), ithelp[@]gwu.edu, or visit ithelp.gwu.edu

Published on

National Cybersecurity Alliance Logo

World Password Day is May 1st!

Create and Use Strong Passwords

Online Safety and Privacy Jan 10, 2025 | 4 Min Read 
Passwords are the keys to safeguarding your digital and online life. They are your first line of defense. And knowing how to create and store strong passwords is one of the most critical aspects of everyday cybersecurity. This World Password Day, take some time to make sure you are following these best practices to stay safe online! Read more

What is Multifactor Authentication (MFA) and Why Should You Use It?

Online Safety and Privacy Jan 17, 2025 | 5 Min Read 
Multi-factor authentication adds a whole new layer of security to each of your accounts. When you turn on MFA, you use more than a password to log in. We recommend turning on MFA for every account that permits it. Read More

Password Managers

Online Safety and Privacy Sep 6, 2022 | 4 Min Read
Our advice about unique, strong, and complex passwords probably seems overwhelming if you've never used a password manager before. However, modern services can help you breathe a lot easier. Password managers have made it easier than ever to maintain strong passwords! Read More

Will Passwords Become a Thing of the Past?

Online Safety and Privacy  May 18, 2023 | 2 Min Read
What to know about passwordless authentication and passkeys.
Passkeys are an exciting new technology that remove the need for passwords. Instead of entering a password, with passkeys you typically log in by having a secure device handy (like a phone) and using biometrics, like a facial scan.  Read More

Security Bytes: Passwords

Security Bytes short video series password etiquette episode Watch 1 min Video 

GW Cybersecurity Password Resource Page

unofficial GW hippo mascot holding a lockThis content is presented by the GW IT Cybersecurity Risk and Assurance team. #SecuringGW is a shared responsibility, if you see something, say something. Report suspicious digital activities, including phishing emails, to abuse[@]gwu.edu.

IT Support Questions? For IT support, please contact the Information Technology Support Center at 202-994-GWIT (4948), ithelp[@]gwu.edu, or visit ithelp.gwu.edu

Published on

Don't let your guard down while you are relaxing.  Remember cyber criminals remain hard at work trying to compromise your data. Reviewing the following resources may assist you in increasing your cybsercurity while traveling.  Please note our Cyber Secure Traveling resource page on this blog site as well.

National Cybersecurity Alliance Vacation and Travel Security Tips - National Cybersecurity Alliance

Travel lightly. Limit the number of devices you take with you on your trip. The more laptops, tablets and smartphones you take with you, the more risk you open yourself up to. 

Forbes Travel Warning: Cybersecurity Emerges As A Top Security Threat

As technology continues to integrate deeper into our travel experiences, the risk of cyber-attacks while booking trips online or accessing unsecured networks in foreign countries is a real concern.

 Travel + Leisure The 14 Best Travel Safety Devices, According to T+L Editors

Travelers - United States Department of State

Preparing for a Trip Abroad Advisories: As a first step in planning any trip abroad, check the Travel Advisories for your intended destination. International Financial Scams: U.S. citizens can become victims of scams at home or abroad. 

Travel Tips - Transportation Security Administration

The TSA Travel Tips page provides essential guidance for air travelers, covering topics such as packing smart, understanding security screening procedures, and preparing for travel with special items like medications or firearms.

The links above are provided for informational purposes - inclusion of any external links or product references does not constitute a recommendation nor specific endorsement by GW or GW IT Security.

Short list of GW resources from Cyber Secure Traveling resource page

 

unofficial GW hippo mascot holding a lockThis content is presented by the GW IT Cybersecurity Risk and Assurance team. #SecuringGW is a shared responsibility, if you see something, say something. Report suspicious digital activities, including phishing emails, to abuse[@]gwu.edu.

IT Support Questions? For IT support, please contact the Information Technology Support Center at 202-994-GWIT (4948), ithelp[@]gwu.edu, or visit ithelp.gwu.edu

Published on

While you’re taking a break or vacation, cyber attackers remain hard at work trying to compromise your data. Join the GW IT cybersecurity risk and assurance team for a 45-minute overview of precautions and practices to maintain and enhance cybersecurity while traveling. Topics in this Cyber Talk will include securing your devices, connecting to WiFi networks, special considerations when traveling internationally, and more.

GW IT Security Risk and Assurance Cyber Talk Webinar Thursday, April 24, 2025 11:00 AM to 11:45 AM Register Now for the Zoom Session  (GW Community Only)

Also take a look at our Cyber Secure Traveling Resource Page which notes specific security risks and mitigation recommendations to consider prior to and while traveling.

unofficial GW hippo mascot holding a lockThis content is presented by the GW IT Cybersecurity Risk and Assurance team. #SecuringGW is a shared responsibility, if you see something, say something. Report suspicious digital activities, including phishing emails, to abuse[@]gwu.edu.

IT Support Questions? For IT support, please contact the Information Technology Support Center at 202-994-GWIT (4948), ithelp[@]gwu.edu, or visit ithelp.gwu.edu

Published on

Financial Account Compromise Recovery Tips for Personal Accounts

Identytheft.gov has extensive resources for both reporting and recovering from data breaches, account compromises and stolen identities.  The website has a interactive checklist and links to resources.  The first critical steps from Identitytheft.gov are noted below for reference and to get you started on recovery.

Step 1: Call the companies where you know fraud has occured

  • Call the fraud department. Explain that someone stole your identity
  • Ask them to close or freeze the accounts. Then, no one can add new charges unless you agree.
  • Change logins, passwords and PINS for your accounts.

Step 2: Place a fraud alert and get your credit reports.

Place a free, one-year fraud alert by contacting one of the three credit bureaus. That company must tell the other two.

Get your free credit reports from Equifax, Experian, and TransUnion. Go to annualcreditreport.com  or call 1-877-322-8228.

Step 3: Report identity theft to the FTC.

Complete the online form or call 1-877-438-4338. Include as many details as possible.

    • Based on the information you enter, IdentityTheft.gov will create your Identity Theft Report and recovery plan.
    • Your identity theft report proves to businesses that someone stole your identity. It also guarantees you certain rights.
    • If you create an account, we'll walk you through each recovery step, update your plan as needed, track your progress, and pre-fill forms and letters for you.
    • If you don't create an account, you must print and save your Identity Theft Report and recovery plan right away. Once you leave the page, you won't be able to access or update them.
You may choose to file a report with your local police department or other law Enforcement
Go to your local police office with:
    • a copy of your FTC Identity Theft Report
    • a government-issued ID with a photo
    • proof of your address (mortgage statement, rental agreement, or utilities bill)
    • any other proof you have of the theft (bills, IRS notices, etc.)
  • Tell the police someone stole your identity and you need to file a report.
  • Ask for a copy of the police report. You may need this to complete other steps.
  • Add fraud notices and/or freeze your credit a the three credit bureaus

FBI IC3 Recovery and Reporting

Email Phishing prevention tips from the FBI Internet Crime Complaint Center (IC3) Public Service Announcement Business Email Compromise (BEC) the $55 Billion Scan.  The IC3 also notes the following related to responding and reporting a compromise. 

If you discover a fraudulent transfer, time is of the essence. Immediately contact your financial institution and request a recall of the funds along with any necessary indemnification documents. Different financial institutions have varying policies; it is important to know what assistance your financial institution will provide when attempting to recover funds. Regardless of the amount lost, file a complaint with www.ic3.gov as soon as possible. The FBI IC3 may be able to assist both the financial institutions and law enforcement in freezing funds.

unofficial GW hippo mascot holding a lockThis content is presented by the GW IT Cybersecurity Risk and Assurance team. #SecuringGW is a shared responsibility, if you see something, say something. Report suspicious digital activities, including phishing emails, to abuse[@]gwu.edu.

IT Support Questions? For IT support, please contact the Information Technology Support Center at 202-994-GWIT (4948), ithelp[@]gwu.edu, or visit ithelp.gwu.edu

 

 

Viewing Message: 1 of 1.
 Notice

This site uses cookies to offer you a better browsing experience. Visit GW’s Website Privacy Notice to learn more about how GW uses cookies.