Ransomware is a sneaky strand of Malware which infiltrates computers through email attachments, corrupted websites, and even physical USBs. There are billions of types out there – in fact, Webroot’s research suggests 92% are utterly unique.
Instances of infected businesses have risen dramatically – estimated at 300% globally – since 2015. According to the BBC, Universities are one of the groups hit hardest.
In fact, Bournemouth University was hit by Ransomware on 21 separate occasions, despite having a CyberSecurity Centre on campus. This just demonstrates how prolific and tenacious cyber criminals can be. Even the brightest minds can fall for phishing scam.
Cybersecurity firm SentinelOne spoke to 58 universities; 23 of those, or 40%, reported that they had been a victim of Ransomware in the last twelve months. Although most Ransomware requests just one bitcoin (£450), one University was asked for five (about £2,200). However, none of the Universities which were interviewed paid up – which is the right response.
In the report, Bournemouth University said: “It is not uncommon for universities to be the target of cybersecurity attacks; there are security processes in place at Bournemouth University to deal with these types of incident.” It also stated there had been “no impact” on the University’s ability to operate as a result of the attacks.
The report also revealed that Oxford – one of the world’s best universities – had no antivirus (AV) software in place. However, the ‘protected’ universities still suffered from ransomware attacks – which demonstrates that prevention isn’t enough.
And whilst the US government are telling businesses to prepare themselves through both preventative measures AND back-ups, the Cabinet Office is giving no such advice.
What do we suggest? Universities should be investing in Business Continuity planning which includes a BDR solution – ideally a Hybrid Cloud platform. That way, if Ransomware does strike, they can roll back to a previous backup, instantly. That means no downtime, and no hassle.
King’s College London commented: “King’s takes all forms of information security and compliance very seriously. In accordance with our IT Security and IT Network Policies, King’s College London use a variety of anti-virus solutions which are reviewed and changed as appropriate. As virus attacks are so prevalent we do not advertise our specific defences. Most requests of this nature are from vendors seeking information in order to sell us their products and services. For further information, relevant policies can be viewed in the Governance Zone on our website.”