Jisc and other expert organisations have been issuing advice to help protect the education and research sector against a spate of ransomware attacks.
We are running three webinars this week (16, 17 and 18 March) where we will share further information, and answer questions.
Occurring at many organisations internationally, this recent increase in ransomware attacks follows the spate of incidents in late summer 2020 [1], although it’s important to note that our sector is no more a target than any other.
How to protect yourselves
It is equally important that colleges and universities check that they have taken all possible steps to protect themselves. We've outlined the ten steps, and how our services can help with each of these, on our cyber security page.
Patch all Microsoft Exchange servers
Janet CSIRT issues evidence-based alerts, such as recent notifications about critical vulnerabilities in Microsoft Exchange servers. These vulnerabilities have the highest possible vulnerability score, meaning they are easy to exploit and that successful attacks will lead to full compromise of on-premises Microsoft Exchange services. It is therefore critical that all Microsoft Exchange servers are patched immediately.
Implement two-factor authentication
Threat actors also target single-factor log-on using stolen credentials, password stuffing or credentials acquired via phishing. Compromised credentials are being used to breach remote services, which has led to internal systems being affected. We strongly recommend implementing two-factor authentication [2].
Act on 'critical actions'
Security contacts at member organisations will have received notifications of critical actions from Janet CSIRT, so please ensure these are acted on. Jisc also used the Academia Group on the National Cyber Security Centre's CiSP platform. If you need access to CiSP please ask your security contact to request sponsorship from CSIRT.
Members can gain further advice and guidance from our computer security incident response team (CSIRT). Contact firstname.lastname@example.org or call 0300 999 2340.
- 1 More detail on these incidents can be found in our blog from September 2020: New advice helps education and research community prevent ransomware attacks https://www.jisc.ac.uk/news/new-advice-helps-education-and-research-comm...
- 2 Detailed advice can be found in our blog from July 2020: Why having a strong password isn’t enough to secure your account https://www.jisc.ac.uk/blog/why-having-a-strong-password-isnt-enough-to-...