By Arthur Moses Opio
To our staff and students,
"Urgent Action Required: New Login Detected on Your ACMIS Account"
Its starts by saying,
Dear Arthur Moses (Include your name)
We hope this email finds you well. We are writing to inform you about a recent login to your MAKERERE UNIVERSITY STAFF PORTAL account that appears to be from a different device than usual.
Thereafter they share Login Details showing the date, IP address, Region, Country, and Coordinates. (Just in case you get hacked, you can know where someone was trying to access your account.) The ability to get this notification via email is key.
They go ahead and say, "If this login was not you, we take your account security very seriously and advise you to take immediate
action to protect your account."
Then you are told what you should do and how you should report if it was a suspicious activity.
And lastly, there is a disclaimer.
To improve security on our systems, ACMIS being a critical system to both staff and students. International security standards and measures are being put in place to ensure that our accounts and systems are safeguarded.
Some staff have called and written to find out if this is legitimate. We write to let you know that it is legitimate. This is akin to how Gmail/Google, Yahoo, etc. implements its security, once you change a device, you are alerted of a new login and this comes in handy at a time like this when Malware, Malicious actors, etc. are doing whatever
it takes to bring down critical systems and the Education sector has been a target.
I WAS FLAWED - 20 Years of Patient Medical Records Encrypted
Sophos recently shared a documentary about, "Think You Know Ransomware."
Shayla Kasel said, "It's hard for me to recall the first time I heard the word ransomware. I tried to sign in through a static IP from home and there was this big black screen. I rebooted and tried again and it couldn't go away. The ransomware attack encrypted 20 years of patient medical records and scheduling systems. I was flawed."
She further said, "I am not an I.T. professional, I thought I had done everything right to protect myself. All it takes is one employee having an email infected infecting your system."
Let us be vigilant. Shayla thought that it was only big companies and institutions that get hacked, she was shocked that someone like her was a victim.
We remind you to take your security seriously, you wouldn't want 20 or 30, or even 40 years of research affected by Ransomware or any other kind of malware.
We thank you for your vigilance and continue to ask that you reach out to us for inquiries and also to report things that you are not sure of to point out where the gaps are so that we are able to fix them.
DICTS will continue to ensure security at every level of the system and the core network infrastructure.
Always make sure your computers are up to date with the latest security updates. That notification to update your software is very critical, don't ignore it.
Practice cyber hygiene. More on Cyber hygiene from this article.