Ransomware - what is it?
Ransomware is a type of malicious software, or malware, that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return. Ransomware attacks can cause costly disruptions to operations and the loss of critical information and data.
You can unknowingly download ransomware onto a computer by opening an email attachment, clicking an ad, following a link, or even visiting a website that's embedded with malware.
Once the code is loaded on a computer, it will lock access to the computer itself or data and files stored there. More menacing versions can encrypt files and folders on local drives, attached drives, and even networked computers.
Most of the time, you don’t know your computer has been infected. You usually discover it when you can no longer access your data or you see computer messages letting you know about the attack and demanding ransom payments.
Incidents of Ransomware on the Rise at Universities, Academic Medical Centers and Hospitals
The University of California San Francisco (UCSF) acknowledged that it paid a $1.14 million ransom to stop a malware attack that encrypted some IT servers within the health system’s School of Medicine.
Patients of a Vermont Hospital Are Left ‘in the Dark’ After a Cyberattack - The New York Times - The New York Times - Breaking News, US News, World News and Videos
The hackers typically work for profit. The F.B.I. estimated that the cybercriminals, who use ransomware called “Ryuk,” took in more than $61 million in ransom over a period of 21 months in ...
Burlington, Vt. -based UVM Medical Center revealed the cybersecurity incident it suffered in October was a ransomware attack, but the health system didn't pay, according to a report in the ...
In September, systems at the University Hospital New Jersey (UHNJ) were encrypted with the SunCrypt ransomware, threat actors also stolen documents from the institution and leaked a small portion of them online. The UHNJ is a New Jersey state-owned teaching hospital with over 3,500 employees that was established in 1994. The hospital has a $626 million budget with over 172,000 annual ...
The ransomware attacks appear to be fallout of the breach of Accellion’s file-transfer application, which both universities have used.
FBI offers tips to protect yourself and your organization from this growing threat.
Awareness of IT device protection
UW-Madison Cybersecurity, SMPH and DOM IT doing to prevent Ransomware?
- Monitoring computers for suspicious activity
- Keeping computers up to date, patched
- Encrypting computers
- Backing up data saved to the DOM network
- Only DOM IT can install software, this is enforced by removing administrative rights on DOM computers to prevent malicious code and programs from running and starting a ransomware attack
- Removing administrative rights is required for all data service requests at UW-Madison
- Removing administrative rights satisfies the UW-Madison Cybersecurity requirements for the risk management framework and cybersecurity operations (National Institute for Standards and Technology (NIST) and the Center for Internet Security control
- Requiring multi factor authentication (DUO) to systems with PHI (DOM Citrix, DOM REDCap)
And what can you do?
- The best way to avoid being exposed to ransomware—or any type of malware—is to be a cautious and conscientious computer user. Malware distributors have gotten increasingly savvy, and you need to be careful about what you download and click on
- Bad actors are creating false email accounts and sending messages to faculty and staff - beat this by taking the time to check the senders email addresses
- Department Chairs, Administrators, and Division leadership will never request faculty and staff to buy personal gift cards, these types of emails are scams, check the from email address for suspicious spoofing of leadership
- Avoid clicking on links in emails
- Do not open attachments from unknown senders
- Verify sender email addresses prior to performing any clicks
- When in doubt delete or check with the DOM IT Helpdesk
Create strong passwords and do not share your password with anyone
|Include phrases comprised of typical English words, in uncommon combinations (e.g., poolpartyladderplatypus)|