Berkeley Lab Computer Protection Program

Emergencies | Site Index | Contact Us


	CPP Home

	Contacts

	Policy Guidelines

	Scan Information

	Training

	System Procedures

	Tools & Services

	ALERTS

	Recent CPP Actions

	News & Articles

	CPP Intranet

	Search
	A-Z Index
	Phone Book

The Computer Protection Program (CPP) administers the Laboratory's computer security program and provides the Laboratory community with technical expertise, and up-to-date information and resources for improving computer security and cybersecurity awareness.

If Your System is Blocked from Network Access due to a virus infection or vulnerability, such as missing patches, contact the IT Division Help Desk at help@lbl.gov or x4357. To review the CPP policy regarding blocking of computers please go here.

Computer Security Annual Refresher is an annual requirement for all employees. SEC0201 training is available online here.

Web Server Registration Beginning on November 1, 2008, web servers must be registered in order to be visible from the Internet. By default, web servers that are not registered have the common web ports, 80/tcp and 443/tcp, denied from the Internet. If your web server does not need to be visible from the Internet, it does not need to register. To register a web server visit the Web Server Registration site. More>>

Recent Targeted Phishing Attacks Cyber criminals are using sophisticated targeted phishing in an attempt to infiltrate computers at Berkeley Lab, as well as other educational and government institutes. These attacks come via seemingly well intentioned emails. The emails may refer to things that seem relevant to your work or research. However, the emails contain malware and/or links to malware posted on websites. In most cases, this malware is too new to be detected by Anti-virus software. More>>

Dangerous Links Berkeley Lab is receiving malicious emails with links to .exe files. The .exe files are viruses and malware. The email's are commonly disguised as greeting cards. The attacks are expected to evolve to use Valentine's Day greeting cards, Super Bowl information, and Presidential Primaries information. Berkeley Lab employees must be diligent and use discretion when clicking on links sent in email. More>>

Make Your System Safer: Get a CPP Assessment To better understand and improve the security of your system(s), you can request a vulnerability assessment from the Computer Protection Program (CPP). CPP sends a confirmation e-mail before the scan begins and an email with detailed results and suggested improvements for ensuring system security after the scan is completed. While security scans in no way represents a CPP guarantee of system security or integrity, they are helpful in identifying your system's vulnerabilities. You can request Go here to request an assessment.

Don’t Be Tricked Into Compromising Your Computer Fraudulent phishing emails from banks and credit card companies asking information are commonplace, but did you know the same techniques may be used against you as an employee of Berkeley Lab? Think twice if you receive a phone call, email, or see a suspicious website asking for your private LBNL information, such as your LDAP or system password. Attackers who target you based on your connection to the Lab may use convincing LBNL logos and terminology to give you a sense of security. Many DOE sites, including other Laboratories, have been targeted by these techniques during the past year. If you're not sure it's real, send an email to cppm@lbl.gov. Most likely, you weren't the only person targeted, so report it—don’t just delete it or ignore it. Learn more about social engineering>>

Computer Security Annual Refresher Training Available The 2007 edition of Computer Security User Training is now available. The course takes 10-15 minutes to complete online and covers important cyber security topics applicable to all users. The course is mandatory for all LBNL employees with computer access and is encouraged for all Participating Guests. Take the course>>

Minimum Security Requirements Computer systems connected to the LBNL network must meet minimum security requirements or they will not be allowed on the network. Minimum security requirements establish a baseline of security for all systems on the LBNL network. More>>

Getting Started at the Lab
•  Take online computer security training SEC 0201 Computer Security Annual Refresher
•  Contact Your Computer Security Liaison about security policies or guidelines.
•  Employee Guidelines for Safe & Appropriate Computer Use
•  Learn about Viruses, Spam, Phishing, Hoaxes, Scams, and Social Engineering

Recent Messages from CPP/CIO
• Level 1/TABL Special on Phishing Attacks 5.21.08 (email warning of ongoing targeted phishing against LBL and other National Labs)
• Privacy Training Announcement

Downloads & Updates
• Symantec AntiVirus
• Microsoft AntiSpyware
• Windows Patches/Service Packs
• IT Division Computing Resources

Contact CPP
CPP can be contact via the mailing list cppm@lbl.gov, or many common issues, such as blocked computers, can be handled by the IT Division help desk at help@lbl.gov or x4357. The CPP after hours emergency pager number is 510-486-7770.

Questions and Comments
Notice to Users
Last Updated Jan 16, 2008