IT Center Blog

Cyber-Security-Awareness-Training at RWTH – a Review

August 15th, 2022
Padlock in front of world map

Source: Pixabay

No more simulated phishing emails in your inbox? No more access to the eLearning program for employees of the RWTH? That can only mean one thing: the cyber security awareness training at RWTH Aachen University ended for the time being on May 09, 2022.

Today we look back on the training and share the results with you.

Cyber-Security at RWTH 

RWTH makes many efforts, whether in the central facilities or in the teaching and research institutions, to maintain an appropriate level of security. However, these technical and organizational measures can only be fully effective if employees also have the necessary awareness of the danger and know what contribution only they can make to prevent attacks on RWTH data or at least make them more difficult.

In our article “Insider Threat: The Threat from Within”, we go into more detail about this and reveal what exactly insider threats are, how they can occur, and how they can be avoided. You will also learn what to do in the event of a data protection incident at RWTH and how to report it.

Phishing simulation at RWTH

Due to the increasing number of cyber attacks, which are also directed more and more frequently against universities and other institutions, RWTH conducted an internal phishing simulation from December 06, 2021 to May 09, 2022 with the help of the security company SoSafe GmbH to increase cyber security awareness.

As part of this phishing simulation, all RWTH employees and students received emails spread out over this period that simulated possible phishing attacks on our university. The emails we sent served as training in identifying dangerous emails by certain characteristics and in raising awareness of the threat.

Here you can check again which simulated phishing emails we sent to you:

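  • „Buchung der Lernräume“ (“Booking of study rooms”)
  • „Microsoft: Bitte authentifizieren Sie Ihr Konto“ (“Microsoft: Please authenticate your account”)
  • „Video: Bist Du das??“ (“Video: Is that you??”)
  • „Ihr Beitrag zum RWTH-Jubiläum“ (“Your contribution to the RWTH anniversary”)
  • „Sicherheitshinweis: Neuer Evakuierungsplan“ (“Security notice: New evacuation plan”)
  • „Fw: Bund plant grundlegende Bildungsreform“ (“Fw: Federal government plans fundamental education reform”)
  • „Verfahren gegen Mitarbeiter bei RWTH eingeleitet. Zeugen gesucht!“ (“Proceedings initiated against employee at RWTH. Witnesses wanted!”)
  • „Dringend: E-Mail-Kontingent aufgebraucht“ (“Urgent: Email quota used up”)
  • „Wettbewerb: Das sicherste Passwort“ (“Competition: The most secure password”)
  • „Anmeldeinformation zum Training“ (“Login information for the training”)
  • „RWTH Service Update am 16. Februar 2022“ (“RWTH service update on February 16, 2022”)
  • „Sie haben einen verpassten Anruf“ (“You have a missed call”)
  • „Paket mit hoher Priorität: Verfolgen Sie es jetzt!“ (“High-priority package: Track it now!”)
  • „[Jobtickets und Parkausweise] Erstattungen nach der Pandemie“ (“[Job tickets and parking permits] Refunds after the pandemic”)
  • „[Semesterticket] Jetzt in der gesamten Euregio“ (“[Semester ticket] Now throughout the entire Euregio”)
  • „Update VPN-Client 5.7.3“ (“Update VPN client 5.7.3”)
  • „Outlook 2023 vor der Tür“ (“Outlook 2023 just around the corner”)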

Neither the RWTH as the client nor the external service provider could see at any time how you personally clicked or behaved. The RWTH only received an anonymous, summarized evaluation of the click rates.

Phishing simulation in figures

Initial phase (06.12. – 17.12.2021)

During the initial phase, more than 160,000 simulated phishing emails were sent to the nearly 60,000 students and employees of RWTH. In 20.8% of the cases, one of the phishing elements such as a link, image or attachment was clicked on.

It is noticeable that over 40% of the emails were opened on a mobile device (smartphone or tablet). On these devices in particular, the default settings of the email apps are often such that images are loaded automatically. This makes it more difficult to identify what kind of link is hidden behind an element and which page it opens.

Follow-up phase (03.01. – 09.05.2022)

In the follow-up phase, a total of over 270,000 of these simulated emails were sent. The frequency was already significantly reduced: While in the initial phase (= two weeks) three emails were sent per RWTH member, during the follow-up phase (= 4 months) an average of one email per month was sent. However, the sending was randomized this time as well.

During this phase, a phishing element was clicked on in 16.7% of the cases – and thus 4.1% less than in the first phase. In parallel, 8.5% fewer emails were also opened on a smartphone or tablet (31.5% in total).

Support requests (06.12.2021 – 09.05.2022)

In this context, our support team has received more than 4,500 requests from you (including content and technical questions, feedback, forwarding of the suspicious emails) via chat, email or phone call during the entire period.

Your feedback on the phishing simulation

During the training, we also received a lot of constructive feedback from you – whether about the frequency, the content or the lack of bilingual texts. However, the overall mood was positive 😊

We would also like to take this opportunity to thank you very much! Only with your feedback can we optimize our service, take it into account for future campaigns, and thus offer you added value in the end.

Accompanying e-learning offer for RWTH employees

In order to deepen the knowledge around the topic of cyber security and phishing, RWTH employees were provided with a parallel e-learning offer from 25.10.2021 to 09.05.2022.

Overall, 13% of eligible RWTH participants took advantage of the offer and successfully completed the hands-on and interactive learning modules with an average score of 91 out of 100.

Again, at no time did RWTH have knowledge of who completed the learning modules and with what results.

Conclusion

Actions such as the cyber security awareness training, together with your support, reduce the risk of cyber attacks. We are convinced that it will be more difficult for real cyber attackers to plant malware or steal passwords at RWTH in the future.

Want to learn more about IT security and phishing? You can find all our blog posts on this topic under the tag IT-Security.

 

Responsible for the content of this article is Nicole Kaminski.

2 responses to “Cyber-Security-Awareness-Training at RWTH – a Review”

  1. Marwa says:

    Thanks a lot for the insightful evaluation!

    As requested by my institute, I had done the security training and found it quite helpful. In that sense, are there any recommended resources, for example, a few pdf/pptx slides, that summarize the most essential security tips for RWTH members? So even if the official training course is over, we could still recommend some specific reading material to new members at our institute. 🙂

    • Vreydal, Janin says:

      Dear Marwa,

      thank you for your comment.
      You can find many helpful blog posts in the “IT Security” category. You can filter them in the right column on our blog.
      In addition, you have the option to use the tag “IT-Sicherheit” and you will find some blog posts on this topic. Just follow the link below:

      https://blog.rwth-aachen.de/itc/en/tag/it-sicherheit/

      If you have any further questions, please feel free to contact us.

      Kind regards
      the IT Center Blog Team