Ransomware represents a serious threat to daily operations at WashU. According to Unit 42, a cybersecurity consulting agency, at least 26 institutions endured ransomware attacks in 2020, with an average demanded ransom of $312,493. Healthcare organizations such as BJC are significant targets for ransomware attacks because they work with Personal Health Information (PHI) and other sensitive data. The consequences of data breaches involving this highly personal information are very serious, increasing the likelihood that the organization will pay the ransom. A ransomware attack generally consists of gaining access to an organization’s data or software through a vulnerability in software or through a phishing attack. After gaining entry, a cybercriminal deploys malicious software disabling functions of the network and stealing data, preventing the user from accessing it. Then, the cybercriminal demands a ransom to restore access to the network or to prevent sensitive data from being released. Cybercriminals can be just about anyone, ranging from individuals from all walks of life to large, organized organizations. In some cases, cybercriminals carry out attacks in the interests of national governments. Russian, Chinese, North Korean, and Iranian hackers have all attempted to carry out cybercrime to further their government’s interests, some of which have been successful.
How to protect yourself and WashU from ransomware:
- Be wary of any emails with attachments, especially from unknown senders.
- Cybercriminals gain access to devices by getting people to download malicious attachments disguised as pictures, receipts, or other attachments. Read our blog and newsletter to stay up to date on recent developments in phishing tactics and tips to stay safe from these attacks.
- Back up your devices and keep them updated. Regularly back up your data to the cloud to ensure you retain access to your data in the event of a ransomware attack. The security of your cloud storage is also an important consideration. Read about secure options available to the WashU community here:
- Turn on auto-updates for all your devices to prevent cybercriminals from using novel exploits to steal your data.