Ransomware Revisited

Over the last few weeks, there has been quite a bit of discussion about ransomware, and specifically about an incident at Monroe College in Westchester. Monroe was hit by a ransomware attack that severely impacted a wide variety of college activities, including classes. The attacker is demanding $2 million to restore the college’s data and software. Here’s an article that describes the incident.

While it’s not clear at this point exactly how the attack occurred or whether Monroe will be able to recover without paying the ransom, a couple of points do jump out from this incident and some recent conversations I’ve had with industry experts:

  1. Colleges are targets.  This is a fact. Research has proven that educational records are highly sought-after loot, especially at the college and university levels.   Colleges like FIT hold lots of personal information and engage in lots of financial transactions with other entities.  There is plenty here to attract attackers.
  2. Attackers are doing their homework.  Increasingly attackers will look at social media and news sources to identify good targets, and craft their phishing and other social engineering to be really credible.  In 2016 ransomware became a billion-dollar industry, and it has grown since then.  When that much money is involved, attackers become trained professionals.
  3. Ransom demands are getting larger.  Hackers used to demand tens of thousands of dollars in return for data.  Now, 7-figure demands like the one at Monroe are not uncommon.  As mentioned before, attackers are doing their homework, and they choose targets that often have no choice but to pay.

What can you do?

  1. Don’t store data that you care about on your local PC drive.  It’s not backed up, and if your PC is hit by ransomware, it will be lost.  If data on our servers or in Google is hit by ransomware, we will be able to recover it.
  2. Be careful what you share on social media, at conferences, etc.  Academia is a collaborative environment, but sharing details about who administers systems or security weaknesses you perceive invites hackers to come in.
  3. Take our online security awareness training when it’s offered, and if you happen to click on one of our educational phishing exercises, take the time to read the information about how to keep yourself safe.  We also have lots of good information about phishing, which is the primary way that ransomware gets into institutions, on our Cybersafe website.

Stay aware and stay cybersafe!

About Cybersafe

The Division of Information Technology is dedicated to informing the community of the latest cybersecurity threats. Visit fitnyc.edu/cybersafe and stay tuned for emails from [email protected] for the latest from the Cybersafe campaign at FIT.

Walter Kerner

Chief Information Security Officer

Division of Information Technology

Read past issues of the CISO Updates Newsletter here.