Institutions of higher education often pride themselves in looking toward the future and in continually pushing toward the cutting edge of what we know today, but they should be equally aware and equally dedicated to effectively managing vulnerabilities in the present. There is a cyber terrorism threat re-emerging in 2019 that has had substantial effect across the U.S. that holds educational networks as a prime target. There was a nearly 200% increase in the number of ransomware attacks in the first quarter alone targeting schools, hospitals, and other institutions housing a substantial network and with access to private or financial data.
As the name implies, ransomware is a subset of malware that seizes the user’s access to, or the function of, data on the infected computer, network, and even contingent backups that may be linked to the infected system by encryption. Once the malware has infected their target network, the hackers demand a ransom payment in trade for the returned function of the victim’s systems and information. In the case of an attack, the victim must decide how to respond with no guarantee of a sure outcome. If the ransom is paid, they are forced to rely blindly that the offending hacker will decrypt the victim’s data and return them to a functional state. If the ransom is not paid, then the victim faces the cost of recompiling and verifying its data, which can cost hundreds of thousands of dollars in resources and labor. How much is a firm willing to pay for the chance to recover its data, how much the firm can afford to spend repairing its systems after an attack, and how the payment of a ransom affects the precedent for future attacks are all questions to be answered when analyzing these kinds of threats.
While many of the victimized entities in the recent past have been small government and school districts and some healthcare centers, there is reason to believe that colleges and institutions of higher education are also at an increased risk of ransomware targeting. Institutions with a high number of access points, have access to financial information, and are grouped under one network are the most common recipients of ransomware targeting. Some attacks have been a result of direct access, however it is more often the case that phishing emails and similar methods expose the threat to many parts of the network and increase the chances that the malware can enter the network through what is often a combination of unprepared network security ad human error. In August of this year, a private university in Colorado was forced to shut down its entire IT infrastructure for as a result of a ransomware attack. Estimates for the cost of these attacks in this year alone range up to $186 Million (USD).
Prevention of these attacks requires the combined effort of the user base as well as on proper network security. Because the attacks are originating at both the user level and through remote tactics like remote desktop access, institutions that leverage large networks of user devices should take the same angle in their defenses. Educating the user base about proper identification of phishing and other malware is imperative to the data security and continued function of their network. However, having a solid network security system in place can prevent many of the brute force and other attacks directly on the systems in use. In summary: in the face of a ransomware attack, there is a miniscule chance that one will be able to ensure the complete and secure recovery of the data and information that the malware targets. The costs of reconciliation are substantial, and often coincide with scrutiny of reputation and other intangible costs. Prevention is the most effective way to avoid this calamity, and this particular possibility should be given more careful attention as it is proving to be on the rise.
Credit: CBSNews, BusinessWire
© De Angelis & Associates 2019. All Rights Reserved.