Defending against cyberattacks
Recently, theUniversity of Calgary was targeted by a cyberattack that demanded $20,000 in ransom payment. The attack resulted in 100 computers being infected along with widespread IT service disruptions that lasted nearly a week. Nipissing’s University Technology Services (UTS) team has been closely monitoring the situation and, along with universities across Canada, has offered its assistance to help our colleagues at UCalgary recover. Emerging from this malicious attack, however, is an opportunity to learn about these kinds of attacks and how we can work together to help reduce the risk of a similar attack.
The malware attack at UCalgary involved a form of cybercrime known as ransomware. Ransomware is the use of software to encrypt or scramble all kinds of files, rendering them inaccessible without a special key, which criminals attempt to sell back to the victim.
Most security experts and police agencies caution against paying ransoms, noting there is no guarantee the keys provided will work and that paying a ransom only encourages further attacks.
It is not known yet exactly when or how the UCalgary attack began. On Saturday, May 28, the school's wireless network, its e-mail and instant messaging systems and its authentication systems were brought offline. It also advised students, faculty and staff not to use university-issued personal computers.
The request to not use computers was lifted on May 30 and the information technology team at UCalgary worked around the clock to restore systems and services. Most services and systems were recovered by June 3.
What about Nipissing University?
Nipissing is not more, or less, vulnerable than any other university.
Other Canadian universities have dealt with similar kinds of ransomware attacks in the past two years that have impacted specific departments and individuals. Some systems and services can be restored using backup copies of information. In some cases, tools have been made available that have allowed information to be decrypted and recovered from individual computers.
Some data stored locally on personal computers or external data devices such as USB keys or hard drives, may not be recoverable after a ransomware attack.
What can we do to protect Nipissing University?
The best defense against malware and ransomware in general is vigilance and resilience. Most ransomware, but not all, is delivered to victims in the form of e-mail attachments or by visiting infected websites.
While Nipissing's security technologies such as e-mail security and anti-virus help prevent many of these attacks, some may get through as the volume of attacks continues to increase.
Nipissing University, along with other universities, has seen an increase in e-mails with malicious attachments and links over the past three months.
To help reduce Nipissing's risk, the help of the entire university community is needed. You can help by:
Being careful opening e-mail attachments or links. Email's can be spoofed, and email accounts can be compromised, so don't open email attachments that you weren't expecting, even if they are addressed from a colleague or friend. It doesn't hurt to call and get clarification. Many of these malicious emails have simple and enticing subjects like "hey check this out", "watch this, it's hilarious", or "important information enclosed".
Being careful with what websites you visit using your Nipissing University-issued devices
Keeping your anti-virus software up to date and enabled and avoiding turning off the provided security tools on your Nipissing University-issued device
Keeping your computer and key software such as your browser, Adobe Reader, Adobe Flash, Microsoft Silverlight or Java up-to-date with the latest version
Keeping critical data backed up on your Nipissing University network drive
Keeping copies of your key data in offline storage that is stored securely in a locked cabinet and encrypted if the data contains sensitive personal or other information
Refraining from using the same login name and password to access different accounts and websites
Enabling 2-step verification for an added layer of security to your Google Account
In addition to your efforts, UTS continues to work on several initiatives to improve our cybersecurity posture.