With the help of stroopwafels and a quiz, IT draws attention to cyber security

Should you accept or reject cookies? And how do you handle hackers? In October, the IT department will try to make students and staff members aware of their online activity.

ICT-employees Joey Gommans (left) and Johan Brandenburg. (Photo: Thijs van Reeuwijk)

In October, the month of cyber security, IT staff will be spread across campus. They will have a market stand and use a wire loop game and a quiz to make students and staff members aware of online dangers.

Last Monday, day one of the cyber security month, the security officers were at the Aula. While handing out the popular syrup filled Dutch stroopwafels – “the only cookies you should accept” – they explained about accepting or rejecting cookies. Students Franz (22, Aerospace Engineering and Computer Science) and Floor (21, Clinical Technology) helped out. “From now on I will have to press the no button more often,” says Floor. She often accepted cookies because she could not be bothered to read the long agreements. According to Franz, it is becoming harder to reject cookies. “Websites use certain colours that are hard to read, forcing you to accept them.”

While blindly accepting cookies may not pose a direct threat to TU Delft, Rick Punt, a security and privacy awareness consultant, wants people to be more conscious about their effects, as it is often not clear what you are accepting. “If you accept cookies on an online shop, there may be trackers from third parties. They track what you do on other sites and create a profile about you. You then become the product.”

‘Make sure you have a secure connection and report suspicious situations’

Tom (22), a Civil Engineering student, walks by. He has his own method of avoiding cookies. He always searches the internet in private mode. “I can then accept all the cookies and they disappear when I close the window.” He also checks everything when he does accept cookies and tries not to share too much information about himself online. “My preference would be to disappear offline entirely.”

In the Industrial Design Engineering (IDE) hall, IT staff member Joey Gommans stands next to a green banner. It contains six rules to protect data.

‘Make sure you have a secure connection; protect your identity with a strong password; do not click on every link or attachment; secure your devices; share and keep your data safely; and, report suspicious situations.’ Students and staff members can do a quiz here with questions about cyber security, hackers, safe passwords, and public WiFi networks.


The quiz also has a question about phishing, a phenomenon that occupies IT every day, says Gommans. “We filter out a lot of these emails, but we still get 30 to 40 reports every day from people who receive a suspicious email.” What are these about? Staff members may receive an invitation to a fake event asking them if they wish to be a speaker. “In the email the ‘organisers’ ask the recipient to send a PowerPoint presentation or report with research results. If we look at the website of the ‘organisation’, we see articles with results which they have not worked on, but they present them as though they are theirs.”

Every day the person who has the most right answers in the quiz and the person who did the wire loop game the fastest that day will receive a cyber security prize. The only thing the participants need to do is give their email address. We checked this and it is not a trick question.

  • October is cyber security month. The IT managers will be in different places to give information. The locations and times are listed on the intranet.
News editor Bas Koppe

Do you have a question or comment about this article?

Comments are closed.