Education is a crucial element of society, so attacks on this sector are very attractive to hackers. And this is why they are now targeting universities.
Universities, of course, are huge organizations packed full of students and tutors. As a result, these groups generate massive amounts of data every day. This makes these establishments massive data centers. And it’s no surprise that hackers can’t resist testing their defenses. Their latest attack has targeted a specific cloud computing provider in the form of Blackbaud and has affected a number of universities worldwide.
You may not work in a university, but all malware attacks contain important lessons we can learn from. Let’s take a closer look and find out what happened in the Blackbaud attack.
Attacking the Cloud
Blackbaud, a global provider of administrative and financial software to educational institutions, was targeted and attacked in May. The attack in question used a ransomware strategy to disrupt operations and demand a ransom. The exact source of infection has not been disclosed, but it would appear that the hackers began encrypting data immediately. However, Blackbaud mounted a quick response and were able to expel the hackers before the data was fully encrypted.
Unfortunately, a significant amount of data had already been copied by the hackers. And this data was of a particularly sensitive nature. It does not appear that any credit card details were copied, but phone numbers and donation histories were confirmed to have been duplicated. Blackbaud, therefore, was forced to pay a ransom in order for the hackers to destroy their copy.
Avoiding Ransomware Attacks
The Blackbaud attack may not have been the most devastating of malware attacks, but any breach is cause for concern. And, given that this attack targeted several large universities, the number of individuals affected is huge. As with all malware attacks, though, it’s possible to negate these attacks before they take hold. All you have to do is follow these simple practices:
- Say No to Unverified Links: One of the hallmarks of ransomware attacks is the usage of malicious links. These links may promise to send you somewhere safe – such as your online banking page – but the true destination will be somewhere less safe. These malicious destinations are likely to attack your PC or install malware. Make sure that all links are checked and verified before clicking.
- Don’t Give Out Personal Data: Hackers will often facilitate their ransomware attacks by employing a social engineering strategy. The information gained from such an approach can be used by hackers to tailor phishing emails to appeal to you e.g. understanding who your phone provider is allows hackers to design emails from that specific provider. As a rule of thumb, never give out personal details to unsolicited callers.
- Always Patch and Upgrade: Ransomware attacks are often the result of software vulnerabilities being exploited. However, by installing all patches and upgrades as soon as they are available minimizes this risk. It may seem time consuming, but it can make a notable difference to the strength of your cyber defenses.
For more ways to secure and optimize your business technology, contact your local IT professionals.