According to an alert recently issued by the UK’s National Cyber Security Centre, colleges and universities worldwide are at increased risk of being targeted by a ransomware attack like the one that recently hit Colonial Pipeline and global meat supplier JBS. While ransomware attacks are certainly nothing new, they have been enjoying a surge of popularity as growing numbers around the world gravitate to their use.
From the perspective of the hackers, it’s easy to understand the attraction. Most hackers gain access to target networks, especially in the education ecosystem, is by exploiting weak passwords and unpatched vulnerabilities in Remote Desktop Protocols (RDP) and VPN’s. Unfortunately, in most cases, by the time network security personnel are aware that there’s a problem, the damage has already been done.
The NCSC made the following recommendations to help prevent, or at least mitigate the damage caused by ransomware attacks:
Make sure RDP, VPN’s and all cloud-based services are secured by utilizing multi-factor authentication and that technology is in place to help detect suspicious activity on your network.
Be sure that all the software you use has the latest security patches applied
Take regular backups of all critical systems and test your backup recovery routine to be sure you can recover your files with minimal downtime.
Unfortunately, none of these steps will guarantee that you won’t fall victim to a ransomware attack. However, it will certainly make it harder for the hackers to compromise your network, and if they do, you’ll be well-positioned to mitigate the damage and get your business back up and running.
It’s sound advice that all organizations, regardless of type should follow. Kudos to the NCSC for keeping a watchful eye out for the danger, and for being quick to alert everyone to it. Here’s hoping it’s enough.