This document provides an overview of an information security and compliance follow-up course held in 2019. It is divided into three sections: 1) Updates in the current year regarding information security at Hiroshima University, 2) Daily threats and countermeasures, and 3) Basics of information security. The document summarizes new security features such as Safe Links and stopping email forwarding. It also outlines threats like phishing attacks and viruses, and recommends countermeasures like using strong passwords, multi-factor authentication, and cloud storage. The document aims to improve security awareness among students and staff.

1. Information Security and Compliance
Follow-up Course
2019

2. Introduction
2
Aims of the Information Security & Compliance Course:
・Revise your knowledge of information security
・Enhance your knowledge with the latest information
security
This lecture is divided into three
sections below:
Updates in this year
Daily threats and countermeasures
Basics of information
security
1
2
3
Improve your
security awareness

3. Updates in this year
3
• Safe Links, Office 365 ATP Safe Links
• Stopping Mail Forwarding
• Trouble identification and response
flow
• Incident response drill
2018 2019
1

4. When a URL in HIRODAI mail is clicked
4
Safe Scan in progress Danger
When a URL in the HIRODAI mail is clicked, Safe
Links, Office 365 ATP Safe Links, will automatically
determine the possibility of malicious URL and alert
you.
Display the web page
normally
Still you can open the web page
Not recommended

5. What is Safe Links?
5
Sender: Hanako Momiji
Recipient: Taro Hirodai
Subject: Your inquiry
Dear Mr. Taro Hirodai
This is Hanako. Thank you for your inquiry.
Please visit the following site.
https://apac01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fw
ww.media.hiroshima-.ac.jp&data=02%7C01%7CXXX
XX%40hiroshima-u.ac.jp%7Caa6dfd 110644f57cc1108d5f74f5
7b8%7Cc40454ddb2634926868d8e126hh
・・・
Automatically convert URL(s) in the received email(s)
Create a URL to determine whether the web site is malicious or
not
The original URL
https://www.media.hiroshima-u.ac.jp/
Indicating that Safe Links rewrote the
URL
Clicking the URL below, Safe Links will
check the safety of the page.

6. Junk mails are also forwarded
6
A large amount of junk mail is sent to
forwarding address.
HIRODAI mail account becomes the sender of
junk mails!
In addition, email forwarding has the risk of
information leakage.
HIRODAI mail
Junk mail
Forwarding
addressNormal
email
Do not forward
emails.
MS Corporation will
stop email
transmission.

7. How to stop forwarding emails
7
Procedure:
①Settings
②Mail
③Forwarding
④Stop forwarding
On the settings
page of Office
365 Outlook
①
②
③
④

8. Receive HIRODAI mails on Gmail
8
You can receive HIRODAI mails on Gmail without
email forwarding.
Reference: Media Center Web page:
“Adjusting settings in Gmail (POP3)”

9. Flowchart example of trouble investigation and
response
9
What CSIRT will do when a problem occurs:
Block outbound traffic from the IP address to off-campus
Tell the host administrator what to do
Crisis management
Manual Academic year
2018Revised edition

10. Incident Response Drill
10
Purpose: Check the procedure when an incident occurs
Overview: Conduct a drill with the assumption that your everyday use PC
is damaged
Target: Officer, staff and students in Hiroshima University,
that is, all people who have received emails from CSIRT
Pre-education
Response Drill
Check the incident-response procedure
Check the specifications and antivirus
software settings, etc. on your PC for
daily use.
So as to respond calmly when an incident
occurs…

11. Daily threats and countermeasures
11
• Countermeasures and actions
• Phishing attacks
• Virus infections
• Unauthorized access
2

12. Countermeasures and actions
12
You can protect yourself against most of
threats with "5 countermeasures" and
"5 actions ".
5 counter-
measures
5 actions

13. 5 countermeasures
13
Know the latest threats and
attacks
Install antivirus software
Update your OS and applications
Manage your IDs and passwords
Make regular backups

14. 5 actions
14
Check attached files and URLs
Use genuine applications and
services
Manage your PC and smartphone
Check your usage history
Use safe communication routes

15. Countermeasures and actions against
phishing attacks
15
Counter-
measures
Actions
Know the latest threats and
attacks
Install antivirus software
Update your OS and
applications
Manage your IDs and
passwords
Make regular backups
Check attached files and URLs
Use genuine applications
and services
Manage your PC and smart-
phone
Check your usage history
Use safe communication
routes

16. The number of phishing attack
victims is increasing
16
Check your usage history to know whether there
are signs of improper use or not.
1. Deceptive emails
2. Inputting
Password
3. Collecting
information
4. Unauthorized
use
Genuine Fake

17. Examples of phishing sites
17
Phishing sites look exactly like genuine sites!
Check attachments or URLs in emails carefully.
When URLs for
login pages
begin with
"http", they may
be scams.

18. When URL in your HIRODAI mail is
clicked
18
Safe Scan in progress Danger
When a URL in the HIRODAI mail is clicked, Safe Links,
Office 365 ATP Safe Links, will automatically
determine the possibility of malicious URL and alert
you.
Display the web page
normally
Still you can open the web page
Not recommended

19. Check your usage history of services
19
Consider the possibility of password leakage.
Track the usage history to know whether a third
party has illegally used the services or not.
Is there any access or
purchase history from
an unknown device?
Google account “Security Checkup”

20. Countermeasures and actions against
virus infections
20
Counter-
measures
Actions
Know the latest threats and
attacks
Install antivirus software
Update your OS and
applications
Manage your IDs and
passwords
Make regular backups
Check attached files and URLs
Use genuine applications
and services
Manage your PC and smart-
phone
Check your usage history
Use safe communication
routes

21. The threat of ransomware
21
All the files on the infected PCs are
encrypted to make them unusable.
Never pay a
ransom. Files are encrypted, so
they cannot be
opened.
The perpetrator demands
a "ransom" for
decrypting your files.

22. Virus infection routes
22
Modified or
malicious site
Phishing
emails
USB flash
drives
Downloading
programs
Other PCs on the same
network or
the same remote
desktop connection

23. Why disconnecting from the network
23
• Prevent the spread of computer viruses to
peripheral PCs
• Block further information leakage by remote
operation

24. Update antivirus software
24
New computer viruses are discovered every day.
Switch on auto antivirus software update.
The countermeasure for new viruses may take a few days
depending on the situation.
Protect against
known viruses
NEW NEW

25. Update your OS and applications
25
Set on the automatic updates option
Check if the updates have finished
Always use the
latest version!

26. Restore from a backup
26
If your PC is infected by viruses
Disconnect it from the network
Report the incident to the University
Reinitialize the PC, then restore it from a
backup
restore
Back up your data
before virus
infection!
Remove backup
media from PC

27. Countermeasures and actions
against unauthorized access
27
Counter-
measures
Actions
Know the latest threats and
attacks
Install antivirus software
Update your OS and
applications
Manage your IDs and
passwords
Make regular backups
Check attached files and URLs
Use genuine applications
and services
Manage your PC and smart-
phone
Check your usage history
Use safe communication
routes

28. Use safe communication routes
28
Do not input important information
when using public Wi-Fi!
It is hard to
distinguish genuine
one from fake one.
Free Wi-Fi
Suspicious Wi-Fi

29. Use safe communication routes
29
• Connect to the on-campus-limited systems
from an off-campus location
• Use encrypted communication easily with
apps
Very convenient when
accessing on-campus limited
service via off-campus Wi-Fi
VPN connection
You can choose to
use multi-factor
authentication for
VPN login from
academic year 2019.

30. Precautions when installing apps
30
There are many
unauthorized apps
published to Google
Play or the App Store!
Screening at the time of registration is not perfect.
You should always be cautious about suspicious functions.
https://www.welivesecurity.com/2018/12/03
/scam-ios-apps-promise-fitness-steal-
money-instead/
Scam iOS apps promise
fitness, steal money
instead (3 Dec 2018)
https://www.welivesecurity.com/2018/10/24/bankin
g-trojans-continue-surface-google-play/
Banking Trojans continue
to surface on Google Play
(24 Oct 2018)

31. Check unauthorized app
information
31
Read reviews to check
the apps if they are safe
before installation.
Check information
about unauthorized
apps after installation
unauthorized apps 2019
the name of app

32. Basics of information security
32
• Manage your password properly
• Use multi-Factor authentication
• Store files in cloud
• Share files in cloud
• Share information with people you know
• Report Incidents
• others…
3

33. Use a strong password
33
Hiroshima University Password Policy
• Be at least 8 characters long
• Include numerals, symbols, and both upper
and lowercase letters
• Not be an easy-to-guess character string
A weak password
is dangerous

34. Different passwords for each service
34
Information leakages from Web services occur frequently.
You can manage your passwords with a password
management tool.

35. Password management tools
35
Management tools for various passwords
No need to
memorize all
passwords!
Tools OS, etc.
Free
Windows, etc.
iCloud-Keychain Mac
Charged
PC, smartphone
use
PC, smartphone
use
1password
Restoration passwords for Zip,
Excel, etc. can also be stored
Be sure to make
backups

36. Use multi-factor authentication
36
Multi-factor authentication can be used for
Office 365 at Hiroshima University.
When using a smartphone mobile app,
Log in with account@hiroshima-u.ac.jp +
password + smartphone
I got an ID and its
password! Let's try
to log in now!
What’s this…?
It’s asking me a
permission to log
in…
I wonder why.
Well, I’ll refuse. What?
I can’t log in…
Block
unauthorized
access

37. When bringing your PC or smartphone
37
Be careful not to leave or lose your
PC or smartphone.
HDD in PC can be removed
and the files in it will be
read.

38. Store in cloud: on-campus
38
OneDrive for Business No need to
carry media
Can be shared with anyone in campus
Can be edited from anywhere
up to 1TB
Cloud file storage
services

39. Be cautious of attached files
39
Risk of opening virus-infected
attachments
NEW
NEW
NEW
New types of
viruses may not
be detected

40. Share files in cloud: on/off-campus
40
ownCloud
1. Upload a file and
apply file sharing setting
to it for other person
Files remain for a
month and will be
deleted
automatically
3. Download
2. “I uploaded the file to
ownCloud!”
Temporary file
storage and
sharing services

41. Use SNS appropriately
41
• Be careful not to post inappropriate content or
leak sensitive information
• Respect the privacy of others
• Do not write negative things about others
• Know that even messages from trusted people
may contain incorrect information
Be careful of messages with locational
information and photo backgrounds,
etc.
If you set HIRODAI
mail as a contact
address for SNS,
you will not be able
to receive emails
from the SNS after
graduation or upon
leaving the
university.

42. Use of file sharing software is prohibited
42
Use of file sharing software,
which help its user to share
files with many and unspecified
people, is prohibited in
Hiroshima University.
Examples of prohibited file
sharing software
• Winny
• BitTorrent
• Gnutella
• eDonkey
• Kuwo
• Ku Goo
• TTPlayer
• QQ
• others…
Installing it in your PC at
home, if you may read
HIRODAI mails on it, is also
prohibited

43. Latest threats and attacks
43
Make the effort to
gather information
about the latest
security threats.
Reference:
https://www.ipa.go.jp/security/kokokara/
study/international.html

44. Share information with people you know
44
It is important to encourage
people around you to have
accurate knowledge
Share information
with family and
friends.

45. Examples of information security incidents
45
I lost my USB memory
device containing
personal information.
My PC was infected
with a virus.
My smartphone was
stolen.
There was
unauthorized entry
into the server.
Virus infections
Information
leakage
Unauthorized
access
Sending SPAM
mails from PC

46. Report security incidents promptly
46
The list of emergency contacts is distributed.
Carry it together with your student/staff ID card!
To Know
emergency
contacts is also
one of useful
security measures

47. At the end
47
We are at the end of this online workshop.
After this, you must take an verification test.
In order to pass the test, you need 16 correct
answers out of 20 questions.
After passing the test...
If you are in your first year in Hiroshima University, you need
to answer Account Confirmation.
if you have been in Hiroshima University for more than 2 years,
you need to update your account for the current year.

48. References and materials
48
• “Top 10 Threats to Information Security 2019,” IPA
https://www.ipa.go.jp/security/vuln/10threats2019.htm
• Trendmicro
http://www.trendmicro.co.jp/jp/security-intelligence/threat-
solution/ransomware/
http://blog.trendmicro.co.jp/archives/13041
Materials
• Human Pictogram2.0
http://pictogram2.com/
• FLAT ICON DESIGN
http://flat-icon-design.com/
• ICOOON MONO
http://icooon-mono.com/

49. 49
Issued in April, 2019
Information Media Center, Hiroshima University
Attribution 4.0 International