While ransomware is nothing new, it's been popping up more and more in higher ed. Each week brings news of colleges and universities that have fallen victim to ransomware attacks. Some hackers demand payment, while others steal personal data (to sell to identity thieves). Whatever the motives are, school systems around the country have been the targets of recent attacks.
Here are four things you can do to protect yourself:
Back it up. Daily.
Use a data backup and recovery plan for all critical information. Perform (and test) regular backups to limit the impact of data or system loss and to expedite the recovery process. Know that network-connected backups can also be affected by ransomware. Critical backups should be isolated from the network for maximum protection.
Follow cybersecurity best practices.
Things like keeping your operating system and software up-to-date with the latest patches are crucial. Vulnerable applications and operating systems are the targets of most attacks. We have many tips on our best practices page.
Be aware of the phish.
Phishes are tricky, do not follow unsolicited Web links in emails. Check out our Phishing resources for more information.
Install anti-malware tools.
Maintain up-to-date anti-virus software, and scan all software downloaded from the internet before executing.
Lastly, know these are not guarantees. You should adhere to the adage of "not if, but when" and be sure to have a backup plan in place.
If you want to know more about ransomware, see our robust ransomware resource page and, as always, you can reach out to security.berkeley.edu if you have any questions or concerns.