Monthly Archives: May 2017

Were You a Victim of the Recent “Google Docs” Worm?

logo_docs_128px

Stephen Frazier has shared a document on Google Docs with you! Or has he…?

On May 3, a particularly tricky worm spread like wildfire throughout the Internet by means of phishing emails that claimed to be from Google. These email messages fraudulently claimed that someone, possibly known to the recipients, shared a Google Doc with them. Classic phishing attacks typically involve sending emails in order to trick people into revealing personal information such as usernames and passwords and/or credit card numbers.

Unbeknownst to users who clicked on the link in the phishing email and granted access to their Gmail data, a malicious virus then had access to all of their email messages and contacts. The phishing message was then automatically forwarded to their contacts! Several detailed breakdowns are available online regarding how this attack worked, why it was so successful, and what giveaways should have alerted people to the scam.

A Google spokesperson told Business Insider that 0.1% of Gmail users were affected. That may seem like a small percentage… but Gmail is host to at least 1 billion active users! Thus, nearly 1 million people may have been affected by the virus within a few hours before it was shut down. From a criminal perspective, it was a rapid and rousing success!

Western Illinois University uses G Suite (formerly known as Google Apps for Education) for its email/calendaring solution, which made this attack rather successful. University Technology estimates that over 900 WIU users fell for this phishing email. The phishing message was so cleverly disguised that it even gave pause to many of us in University Technology – the email came from a known contact, the message had a convincing appearance, and our institution recently adopted Google Docs.

Within an hour of first noticing the email, University Technology had notified faculty, staff and students of the issue and provided instructions on protecting affected accounts. Our Support Center and infrastructure teams started contacting individuals affected and severed the connection between users’ data and the underlying malware.

Despite its success, many within the University community recognized this scam and reported it to Google. We congratulate these individuals, as they, along with other people around the globe, brought this phishing scam to a quick halt. Everyone has a duty to learn to recognize and respond to phishing scams – those that fail to do so risk handing over their personal data or the University’s data to hackers, thieves and other nefarious actors.

Please remember that you can change your WIU ECom password at any time – you do not need to wait until your password expires. If you ever question whether your account may have been compromised or you simply want to change your password to be something more secure, you can do so by logging in to Guava and clicking the “Password” icon.

Enterprise Resource Planning at WIU

WIU may well be the last university in Illinois that still develops and maintains its own business systems running on a mainframe. For dozens of years, applications tailored and customized specifically to WIU’s business needs have been developed by Administrative Information Management Systems (AIMS), primarily in the COBOL programming language. These applications and databases are running on our mainframe located in the data center on the Macomb campus.

mainframe1

John Pontifex, Information Technology Manager in University Technology, stands next to WIU’s IBM 2818 Model M05 mainframe in the Morgan Hall datacenter.

While this has provided WIU with certain advantages, such as being able to get award letters out to students sooner than most other schools, it lacks many of the features found in newer systems (including intuitive user interfaces, the ability for end users to get the data they need and are authorized to access without submitting a programming request, dashboards, etc.). We cannot compete with many of the vendors’ newer applications that are backed by huge programming teams (numbering in the hundreds or even thousands). Many new staff who join Western from other institutions have come to expect the features found in these newer systems.

In January 2015, WIU contracted with the BerryDunn consulting firm to review our ERP (Enterprise Resource Planning or business systems) to review our electronic business processes, most of which are running on the mainframe (MVS) system. Throughout the Spring 2015 semester, their consultants visited the Macomb campus, surveyed WIU employees and dug into the details of our technological processes. They were specifically asked to evaluate our mainframe system, applications, and business processes and to provide us options as we move into the future. They were not, however, to make any specific recommendations regarding a particular system or vendor. Their final report was delivered to us in July 2015.

In December 2015, we again engaged them to help us evaluate the different models available for ERP systems (Software as a Service, Commercial Off the Shelf, and Community Source). They contacted and facilitated dialogues with other institutions who have converted their ERP systems and identified WIU’s next steps in selecting a different ERP or to enhance our current one. Subsequently, EAB (formerly known as the Educational Advisory Board) conducted research and produced reports for us on cloud-based ERP selection and implementation.

Since then, the steering committee of WIU’s Enterprise Task Force (ETF), which includes two of our vice presidents, made the decision to pursue cloud-based Software as a Service (often referred to as SaaS) models. An ERP cloud-based solution, subscription-based, is a suite of applications running on a vendor’s servers that we would access through the Internet instead of servers in our data center. One of the advantages of this solution is that the vendor is responsible for developing and maintaining all applications… and updating them to meet new state and federal requirements, which is becoming more difficult for WIU given that the pool of available programmers who are proficient in COBOL is shrinking, reductions in WIU staff, and retirements.

A cloud-based solution will require us to embrace a different mindset. Departments will no longer be able to request new custom applications that AIMS would then prioritize and develop. While WIU could request the vendor to develop new applications, those would only be available if the vendor develops and releases them–which would be based on the needs and priorities of their entire user base.

The ETF is now in the process of reviewing some cloud-based products by means of on-site, high-level demonstrations of their Human Capital Management/Human Resources, Financial & Student Information modules. To that end, we have invited some vendors to campus solely for the purpose of learning more about cloud-based systems. It is important to note that WIU has not issued a RFP and it is likely that we are three to five years away from actually making a switch to a new system. During that future implementation phase, we will need to maintain our current ERP while focusing on getting the greatest use of the functionality available in the new system. The conversion will take considerable effort on everyone’s part (both AIMS and end-users). From what we’ve seen thus far, however, the work will be well worth it!