Ransomware is on the rise and you have an important role to play in protecting U-M!!! Cybercriminals and other threat actors continue to ratchet up ransomware attacks on universities, healthcare providers, and other organizations. This summer Michigan State University and the University of California San Francisco, among others, have reported recent attacks.
Ransomware attempts often begin with a phishing email. When the recipient opens an attachment or shared document or visits a malicious website, ransomware or other malware is installed on their computer. It can then infect and encrypt files on their computer and systems. In other cases, attackers gain access to install ransomware on a system that is exposed to the internet through vulnerabilities in software that is not kept up-to-date.
Once systems are infected, the threat actor demands a ransom (usually to be paid through cryptocurrency) to restore your access. They may also threaten to publish or delete the data if you don’t pay.
You can help protect the university from ransomware by doing the following:
- Recognize and avoid falling for phishing and suspicious email.
- Keep your software up-to-date. Apply software updates promptly, and ensure that security software (such as antivirus) is running and up-to-date.
- Back up your data. See Back Up U-M Data for requirements if you are responsible for managing university data and/or systems that store it.
See Ransomware: Don’t Pay the Ransom! and Ransomware Mitigation for additional details, and print and post this 8-1/2 X 11 inch poster—Poster: Beware of Ransomware!. Digital signs are also available.
