As part of his trademark, Spider-Man left a cheerful message from “Your Friendly Neighborhood Spider-Man” at crime scenes to let the police know what happened. This was a charming addition to his character and added fun to the story.
It’s safe to assume that while most people would enjoy getting a message from Spider-Man, the opposite is true when it comes to getting an email from “Your Friendly Neighborhood Computer Security Team (CST).” Those of us in CST understand this viewpoint: A security incident can be concerning, even a little scary. With that said, it is one of our goals to communicate this important information simply and effectively so that any potential vulnerability is addressed in the shortest amount of time possible.
The unfortunate reality of 21st-century life is that security vulnerabilities happen. It is just the nature of the beast that technology may be built with discoverable holes that attackers may compromise. It is also true that a completely locked down, secure system is an impossible concept – if a machine was truly impenetrable, not even the machine’s owner could access it! In other words, the likelihood of an attacker taking advantage of a vulnerability is always possible. Any internet-connected device is potentially susceptible to weaknesses in some form, from malicious links to back doors.
Another potential computing danger to keep in mind is information exposure in data breaches. It is important to be aware that online account usernames, passwords or other personally identifiable information can be robbed at any time through a variety of means. Lists with stolen usernames and passwords from different online websites or services may appear on public clipboard sites such as Pastebin.com. Sites like this are intended for information sharing and collaboration. It should be noted that any of this information can be stolen at any time and should be limited to prevent exposure of sensitive data. However, attackers may use them to publicly display information about vulnerabilities or brag about successful exploits. CST monitors such websites for any relevant information that may be publicized.
Despite absolute security being impossible, there are many things you can do to reduce the chance of compromise, such as proactively informing yourself about potential dangers by keeping up to date on recent exploits in the news and maintaining machines with updates or patches as they are made available.
To help you do just that, CST has recently released a new website, called Computer Security Awareness, at securityawareness.fnal.gov. This is a great place to learn more about what is happening in the computer security world, including relevant threats and how to stay one step ahead of attackers. Remember, computer security is everyone’s responsibility!
If a compromise or data breach does occur, CST will email you with details of the exploit, the level of impact and what steps to take, if necessary. Some of these messages will be autogenerated from the Fermilab TISSUE service and ServiceNow. Depending on the violation, TISSUE emails will include the TISSUE event number, explanation of the problem and what machine is in violation. ServiceNow tickets will come from the Fermilab Service Desk and will include an incident number.
In some cases, CST may need to inform you of other computer security concerns outside of TISSUE or ServiceNow. Typically, CST sends communications related to data breaches as reported to us through monitoring services. Additionally, we may inform you about any malicious or unusual activity regarding your lab accounts or machines.
CST has recently been improving our process for these emails. Aside from Tissue and ServiceNow emails, any email that you receive containing the “Fermilab Computer Security Team” header is a legitimate email from CST. Do not disregard these as spam. See an example below.
CST encourages you to not be alarmed if you receive a message from us. It is just Your Friendly Neighborhood Computer Security Team looking out for you!
Need to contact CST? Please send all questions, concerns, and reports of security incidents to firstname.lastname@example.org. This will ensure your message reaches us directly.
Jessie Pudelek is a computer security analyst at Fermilab