Ransomware Taken to the Next Level How cyber attackers are evolving their tactics as IT teams improve their data infrastructure.
August 31, 2020
As we begin the Fall 2020 semester it is important to remember that although we are taking every step to prevent online cyber attacks, they can still happen. We have seen that malicious activity tends to increase during times when schools are re-opening and that is why we must constantly remain vigilant as we open the semester remotely.
One of the most common methods we see used by cyber attackers to extort money from their victims, is called Ransomware. This is where attackers, who has gained access to your Username and Password, take over your hard drive by encrypting everything so you no long have access it unless you pay a ransom. In most cases, you would simply pay the ransom and your files would be released. However, IT departments have learned to counter these attacks by backing up their data on to data backup servers. In the event one or more computers is infected with ransomware, they can simply destroy the infected hard drives and install a new ones with the latest data backups. In the end the data is saved and the user does not have to pay the ransom.
Unfortunately, this is no longer the case as cyber attackers have ramped up their tactics to counter the data backup hurdle. We are now seeing that once they encrypt the files and set the ransom, they then threaten to publicly disclose the sensitive data if the ransom is not paid. The victim(s) will need to pay the ransom in order to prevent the compromised data from being disclosed even if the hard drives are replaced. To make things worse, even after the ransom is paid there is no guaranty the attacker(s) will keep to their end of the bargain.
For an example of this emerging ransomware trend, please see University of Utah Pays Ransom to Avoid Data Disclosure.
So what can we do to stay safe online? There are a few simple ways that we can continue to protect our sensitive data (private and professional).
- Be very cautious about opening attachments in emails. If the email seems suspicious, follow your gut and report it as phishing to our Information Security team at IS&T. They can confirm if an email is malicious or legitimate for you.
- Use a strong password that is not easy to crack. In this case we would recommend using a passphrase as it will increase the complexity of the your password as well as make it easier for you to remember.
- Register your Chapman account on Microsoft’s Two-Factor Authentication (2FA). 2FA provides an extra layer of protection against unauthorized users from accessing your account even if your username and password are compromised.
For more information about Information Security and Cyber Safety at Chapman University, please visit Chapman.edu/security.