|Phishing attacks can be costly for organizations. Please be careful what you click on.|
Recently, several of our fellow national laboratories were targeted in cyber attacks that required those facilities to make the decision to disconnect from the Internet.
Fermilab was not involved in any of these attacks, but it is times such as these that remind us of the need to be diligent and the cost when we’re not. The attacks that took place earlier this month at several national laboratories started several ways. One started because someone clicked on a phishing link. The other incidents involved attackers exploiting vulnerabilities in application software. While clicking on a phishing link seems like a small mistake, it compromised these laboratories computing systems and had great consequences.
To isolate and stop the attacks, the national laboratories took down most email and internet access, shut down all windows accounts and issued new passwords to employees. When these types of mistakes happen, it can take several full-time employees weeks, or even months to recover normal operations. So, please remember to protect yourself and the laboratory. Review tips to prevent phishing attacks.
If you have questions or if you think you’ve fallen prey to a phishing scam please notify the service desk immediately at x2345 so your laboratory account passwords can be changed.
— Mark Leininger