Cybersecurity is an ever-changing and evolving landscape.  There are always new threats to watch out for, in addition to ones that have been circulating for the last few years.  In particular, the Cybersecurity Team at Marist IT is very concerned about recent increases in ransomware attacks, especially against Colleges and Universities.

Ransomware has been a cyber threat since 1989, long before most computers were connected together through the Internet.  The tactics have changed as the computing world has become more connected, and the goals have changed as well.  These attacks used to be simply about money.  The software would lock a computer and demand payment to unlock it - this was a way for inidividual criminals, organized crime groups, or terrorist organizations to get funds.

30 years later, these activities are now effective at stealing large volumes of data or disrupting business operations.  The ransomware software not ony locks computers and servers, but also runs programs to exfiltrate information.  Also, a successful ransomware attack can bring down an entire business, as the software can replicate it itself across an entire organizational network, and often IT Departments have no choice but to shutdown all servers and user devices in order to properly stop the spread, investigate, and remove the malicious software.

Here at Gone Phishing we want to keep all members of the Marist Community safe from ransomware and other cyber threats.  Keep your devices and data safe by following some simple tips:

• Watch out for email - review the postings on this website for real examples of malacious emails and learn how to spot them.  Be especially cautious of any email that includes an unsolicited attachment, asks you to download a file, or directs you to a website that you do not recognize.
• Don't give out personal information - sometimes attackers will use a phone call instead of an email.  This is to try and gather personal information or account logins, which could then lead to your accounts or machine being compromised.  
• Keep your computer and software updated - for all your devices, make sure they are updated regularly and that you are running the most current versions of software.
• Use security software - all Marist-issued computers come with software that helps detect malicious acitivty on your computer.  You should also protect your personal computer with commercially available anti-virus and anti-malware software.
• Only use trusted hardware - attackers often load malicious software onto USB keys or removable hard drives.  Never plugin hardware you don't own yourself, and by mindful of where you purchase these tools from.  Often, a low cost piece of hardware that you find on Amazon is just an efficient way for attackers to deploy viruses and malware.
• Keep business separate - for employees, be sure to only use your Marist-issued computer for business-related activities.  Whever possible, use a completely separate device for personal activities, such as banking, shopping, and social media.

Finally, remember to report any suspicious activity:

• Report suspicious emails to phishing@marist.edu
• Immediately contact the Help Desk at x4357 or helpdesk@marist.edu if your machine is exhibiting any unusal behavior, such as pop-ups you cannot close or applications that are running slower than normal.

PS  Here is an article about the the first known ransomware, which was distributed by floppy disk:  https://www.pri.org/stories/2017-05-17/strange-history-ransomware