In April, the writers here at Gone Phishing posted a new announcement about the evolving threat of ransomware.  Just in the last few weeks, there has been widespread reporting about ransomware attacks causing great disruption.  These include the Colonial Pipeline, and public health systems in Ireland.

The Cybersecurity Team at Marist IT continues to be concerned about ransomware attacks.  Although details about recent attacks have not been fully disclosed, it is most common that these attacks begin with phishing emails.  These emails are specifically crafted to capture login names and passwords.  This information is used to login to Marist resources and attempt to infiltrate the computing environment.  Often, these emails are attempting to steal social media credentials, under the assumption that many peopel resuse their passwords, and any username/password combination could lead to access to mutiple types of services, both personal and professional.

We generally care about all electronic information - both Marist College business data and and any community member's personal electronic information.  We want to keep everyone safe from ransomware and other cyber threats.  Remember these simple tips:

• Watch out for email - review the postings on this website for real examples of malacious emails and learn how to spot them.  Be especially cautious of any email that includes an unsolicited attachment, asks you to download a file, or directs you to a website that you do not recognize.
• Don't give out personal information - sometimes attackers will use a phone call instead of an email.  This is to try and gather personal information or account logins, which could then lead to your accounts or machine being compromised.  
• Keep your computer and software updated - for all your devices, make sure they are updated regularly and that you are running the most current versions of software.
• Use security software - all Marist-issued computers come with software that helps detect malicious acitivty on your computer.  You should also protect your personal computer with commercially available anti-virus and anti-malware software.
• Only use trusted hardware - attackers often load malicious software onto USB keys or removable hard drives.  Never plugin hardware you don't own yourself, and by mindful of where you purchase these tools from.  Often, a low cost piece of hardware that you find on Amazon is just an efficient way for attackers to deploy viruses and malware.
• Keep business separate - for employees, be sure to only use your Marist-issued computer for business-related activities.  Whever possible, use a completely separate device for personal activities, such as banking, shopping, and social media.

Finally, remember to report any suspicious activity:

• Report suspicious emails to phishing@marist.edu
• Immediately contact the Help Desk at x4357 or helpdesk@marist.edu if your machine is exhibiting any unusal behavior, such as pop-ups you cannot close or applications that are running slower than normal