Cybersecurity at USC: How can students avoid cyber attacks?

Hackers behind cyber attacks are in a constant search to steal information, damage hardwares and softwares and access bank accounts. Even as we emerge from the pandemic, when our lives were largely conducted over the internet, cyberattacks remain a constant threat to the many Americans who cannot identify them.

Professor Clifford Neuman, Director of the USC Center for Computer Systems Security, said we can all be targets of cyberattacks, especially via phishing. This method consists of gathering information, such as password and credit card data, through emails, calls and text messages. According to the FBI, phishing was the No. 1 technique in which hackers accessed information in 2020.

A report by Proofpoint reveals that 74% of organizations in the U.S.have been victims of successful phishing attacks in 2020. In addition, Terranova Security in Canada simulated a phishing test in 2020 that was distributed to companies from 98 countries. The results showed that 13.4% of users clicked the link and 67% of these users submitted their login credentials.

Alan Wong, vice president of public relations at Cyborg@USC, a club dedicated to spurring interest about cybersecurity, said students are not aware they are being exposed to cyber attacks. Without realizing, they are constantly receiving spam calls and emails that appear legitimate.

“It’s not fun to see someone else using your identity,” Wong said.

Phishing techniques can look reliable and legitimate, as demonstrated by Neuman’s quiz that tests how users can be exposed to internet scams without being aware of it. To combat legitimate-looking scams, Wong recommends checking who the sender is and verifying the grammar. The link attached must be carefully checked too, as hackers often change only one character of the link to fool the user.

Ransom is another way hackers can obtain information, which is a form of malware that locks a user out of their own system and is then coerced to send the hacker a large amount of money in exchange for their data. However, during a ransom attack, information has already been stolen, so Professor Neuman notes the importance of bypassing the hackers entirely.

To avoid cyberattacks, protecting one’s information on the internet should be a priority. As no system is 100% reliable, Neuman recommends having multiple defenses. Hackers have systems that try thousands of words at the same time, so passwords must be strong and changed often to keep accounts secure. For this reason, experts recommend never using the same password for different accounts and creating a password with symbols, letters and numbers.

Another secure tactic is two-factor authentication, which can be used by sites to verify who you are claiming to be through a code sent to a second physical device. However, text messages can still be intercepted by hackers. Microsoft Authenticator App is a way to avoid that, as it gives you a code used to identify yourself, which changes every minute.

Wong said it is extremely important to use ad blockers, which is a browser extension that blocks trackers, since some sophisticated campaigns do not even require the user to type information into their device. In these schemes, hackers only need the screen to load.

Downloading fewer applications, using private Wi-Fi networks in public places and updating softwares regularly are other everyday techniques that a user can do to protect themselves from cyberattacks, and limit the paths for hackers to access the devices.

Brijal Shah, executive vice president of Cyborg@USC, said students need to be more conscious about cybersecurity since the internet often contains important information, such as grades or credit card numbers.

“Nowadays, we have no option and there is no way around it,” Shah said. “It is the new norm.”