August 24, 2016
You don't need a degree to get Ransomware - but it helps
Ransomware is a sneaky strand of Malware which infiltrates computers through email attachments, corrupted websites, and even physical USBs. There are billions of types out there - in fact, Webroot’s research suggests 92% are utterly unique.
Instances of infected businesses have risen dramatically - estimated at 300% globally - since 2015. According to the BBC, Universities are one of the groups hit hardest.
In fact, Bournemouth University was hit by Ransomware on 21 separate occasions, despite having a CyberSecurity Centre on campus. This just demonstrates how prolific and tenacious cyber criminals can be. Even the brightest minds can fall for phishing scam.
Cybersecurity firm SentinelOne spoke to 58 universities; 23 of those, or 40%, reported that they had been a victim of Ransomware in the last twelve months. Although most Ransomware requests just one bitcoin (£450), one University was asked for five (about £2,200). However, none of the Universities which were interviewed paid up - which is the right response.
In the report, Bournemouth University said: “It is not uncommon for universities to be the target of cybersecurity attacks; there are security processes in place at Bournemouth University to deal with these types of incident.” It also stated there had been “no impact” on the University’s ability to operate as a result of the attacks.
The report also revealed that Oxford and Kings College London - two of the world’s best universities - had no antivirus (AV) software in place. However, the ‘protected’ universities still suffered from ransomware attacks - which demonstrates that prevention isn’t enough.
And whilst the US government are telling businesses to prepare themselves through both preventative measures AND back-ups, the Cabinet Office is giving no such advice.
What do we suggest? Universities should be investing in Business Continuity planning which includes a BDR solution - ideally a Hybrid Cloud platform. That way, if Ransomware does strike, they can roll back to a previous backup, instantly. That means no downtime, and no hassle.