The CERT.UP (Computer Emergency Response Team of the University of Potsdam) working group is the central point of contact for preventive and reactive measures affecting IT security at the University of Potsdam.
CERT.UP supports the publication of preventive action recommendations to avoid damage, points out vulnerabilities in hardware and software products, and suggests actions to fix known vulnerabilities.
Please see the security advisories further down this page.
If you suspect security breaches or vulnerabilities on the University of Potsdam network, please report them by email to certuuni-potsdampde.
CERT.UP will take appropriate measures to follow up on reported incidents and inform affected users.
Contact by e-mail to: certuuni-potsdampde
In the past weeks and months, universities have increasingly been the targets of attacks on communication systems, some of which have had critical consequences (examples: University of Giessen, Kiel). Such attacks cannot be prevented. However, by raising awareness of users, the probability that an attack will succeed can be reduced.
The ZIM is constantly reviewing and expanding technically the IT security measures to avert danger; among other things, filtering and control measures for potentially dangerous e-mail attachments have been expanded. References to potentially dangerous websites in e-mails are being removed.
On this page you will find:
1. Work only with your user account. Use the administrator account only briefly when you need to install software. This is certainly inconvenient, but increases security enormously. (Hackers have managed to break into IT systems with Emotet by using administrator IDs).
2. E-mail attachments (especially Office documents) are generally a security risk. Check questionable attachments particularly thoroughly, e.g. by asking the sender. If in doubt, refrain from opening such attachments. Particularly important: Do not activate macros in Office documents ("Activate content" request). Even if you have the impression that you know the sender - check the e-mail address!
3. Never activate links in e-mails and attachments if you are not absolutely sure about the origin! If in doubt, only open file attachments or links after consulting the sender. Delete e-mails with unusual subjects and links.
4. Mistakes are human. It is therefore all the more important to deal with them correctly. If you suspect malware, inform your IT manager or the ZIM (email@example.com) immediately. Immediately disconnect the computer from the data network by pulling the network cable or deactivating the WiFi. However, do not switch it off in order to perform forensics.
5. Malware (e.g. Emotet) is able to send authentic-looking spam mails. To do this, the malware reads contacts and analyzes e-mail content from the inboxes of already infected systems. The malware uses this information in an automated way for further distribution, so that recipients receive fake mails from senders with whom they have been in contact recently.
6. Avoid the use of USB sticks if possible. If the use of USB sticks is indispensable for data transfer, make sure that the USB stick and the computers involved are virus-free so that the University of Potsdam's protection systems are not circumvented by the use of USB sticks. If possible, only use USB sticks that can be set to "read only". If you transfer files to another computer from your USB stick, you prevent malware from being written to your USB stick.
7. Back up your data regularly.