Ransomware warning Hackers are launching fresh attacks against universities, Keywords, Cybercriminals are increasingly targeting universities with ransomware attacks and academic institutions are being urged to make sure their networks are resilient enough to protect against them.
The warning from the UK’s National Cyber Security Centre (NCSC) the cyber arm of GCHQ – comes following a recent spike in hackers targeting universities with ransomware attacks during August.
In some instances, hackers have not only demanded a significant bit-coin ransom from victims of attacks, but they’ve also threatened to leak stolen personal data of students if they’re not paid.
The National Cyber Security Centre says it dealt with several ransomware attacks against universities that caused varying levels of destruction depending on the level of cyber-security the institutions already had in place.
A winning strategy for cyber-security (ZDNet special report) Download the report as a PDF (TechRepublic) And with colleges and universities gearing up to start the new academic year and welcome new students while already facing challenges because of the ongoing corona-virus pandemic.
They have been urged to make sure their cybersecurity infrastructure is ready to defend the additional challenge of a ransomware attack.
Paul Chichester, director of operations at the NCSC said that “This criminal targeting of the education sector, particularly at such a challenging time, is utterly reprehensible”.
While these have been isolated incidents, I would strongly urge all academic institutions to take heed of our alert and put in place the steps we suggest, to help ensure young people are able to return to education undisrupted.
We are absolutely committed to ensuring UK academia is as safe as possible from cyber threats, and will not hesitate to act when that threat evolves.
The Targeted ransomware attacks on the UK education sector alert details some of the most common attack infection vectors, including Remote Desktop Protocol s (RDP), phishing emails, and software and hardware that’s been left vulnerable due to lack of security patching.
Mitigation against ransomware attacks that universities are being urged to adopt include effective vulnerability management and patching, securing RDP services with multi-factor authentication, installing anti-virus software, and ensuring staff and students are aware of the risks posed by phishing emails.
It’s also recommended that universities have up-to-date and tested offline backups so that if systems are encrypted by a ransomware attack, they can be restored without paying a ransom to cybercriminals.
My stolen credit card details were used 4,500 miles away. I tried to find out how it happened The NCSC also urges universities to test how they’d respond to a ransomware attack by using the NCSC’s free Exercise in a Box tool, which allows organizations to see how their defenses would hold up against hacking scenarios based on real events.
David Corke, director of education and skills policy at the Association of Colleges said that “As the last six months have shown us, it has never been more important for colleges to have the right digital infrastructure in order to be able to protect their systems and keep learning to happen, whatever the circumstance”.
This needs a whole college approach and for a focus wider than just systems, it needs to include supporting leaders, teachers, and students to recognize threats, mitigate against them, and act decisively when something goes wrong. This guidance will prove incredibly useful for colleges to ensure that they can do just that”.
More on cyber-securities Ransomware, This essential step could help you make it through an attack How ransomware attackers are doubling their extortion tactics TechRepublic Ransomware. Why did one city choose to pay the ransom after falling victim 7 security tips to keep people and apps from stealing your data CNET 30 years of ransomware, how one bizarre attack laid the foundations for the malware taking over the world?
Thank you for reading. We hope this gives you a brief understanding of the latest news. Are you interested read about other latest technology-related news? Explore our Technology News blogs for more.
