27. April 2023 | Magazine:

Cyber attacks: Mails are the most important gateway

IT Security at TU Braunschweig

Universities and public institutions have recently become increasingly frequent targets for cyberattacks. According to the German Rectors’ Conference in January 2023, 24 universities in Germany were affected by at least partially successful cyberattacks, 20 of them via email as the gateway. The Digital Town Hall and the IT Security Awareness Days event series in cooperation with other universities provide information about IT security.

Dr. Böttger, the first lecture of the IT Security Awareness Days on 2 May will be about “Gefahren bei E-Mail und ihre Abwehr” (Email threats and their defence). Why do emails play such a big role in cyber attacks?

Dr. Christian Böttger, Chief Information Security Officer and organiser of IT-SAD. Photo credit: Christian Böttger/TU Braunschweig

Emails are the number one gateway for cyber attacks. Employees and students make intensive use of email accounts. Fake e-mails can be used to smuggle in malware, but data can also be obtained – often in combination. We can do a lot to avert danger here, not only technically, but all TU members can do so by paying special attention.

Mail attacks are unfortunately becoming increasingly difficult to detect. The phishing mails often look deceptively real. At the moment, the attackers are putting a lot of effort into it. Of course, the attention of the users is increasing and at the same time the technical defence options are improving. You could say we are playing rabbit and hedgehog with the attackers.

At the moment, for example, fewer phishing emails with dangerous attachments are being sent, but instead more emails containing links with a request to click them for verification or confirmation. If you follow the request, your account can be hijacked, the entire mailbox and your archive can be stolen. Contacts from your mailbox can then receive dangerous mails with reference to an already answered mail.

What should I do if I realise that I have received a phishing email?

Please immediately send an email with the phishing email attached to gitz-it-sicherheit@tu-braunschweig.de. Our random checks have shown that currently only about one percent of all phishing emails sent daily to TU members are reported to us. There is still room for improvement here.

If you notice yourself that you have been hacked, don’t be shy. The dangerous emails are now so good that even professionals can’t identify them all. The quicker you react, the less damage there will be. You are not only protecting yourself, but also others.
We become active immediately after your report and the address from which the mail was sent is then usually blocked university-wide. We also check whether malware has already been installed on the computer.

We also forward the mail to the DFN-Verein for spam training and add it to the spam prefilter. If mails have already been diverted, we must report this to the State Commissioner for Data Protection within 72 hours.

What can and should TU members consider in their daily work to support the long-term security of the IT infrastructure and our data?

The 3-second check already helps here. The three critical points that should be checked before opening the mail are: Is the sender known and correct? Does the subject make sense? It is often formulated vaguely, such as “Ihre Rechnung” (Your invoice) or “Mahnung” (Reminder).

Where can one get further information?

In the lecture on 2 May and in the entire lecture series, there will be even more practical tips and information on current IT security topics. The Digital Town Hall on 2 May at 11:30 am on the topic of IT security is also recommended. There is also the opportunity to ask questions here.

The Digital Town Hall

The Town Hall on IT Security will take place on 2 May at 11:30 via video conference.
The speakers are: President Angela Ittel, Vice President for Digitalisation and Sustainability Manfred Krafczyk and CISO Christian Böttger.