Blog

Ransomware: are your systems well protected?

John Chapman

by John Chapman

 on

Jisc and other expert organisations have been issuing advice to help protect the education and research sector against a spate of ransomware attacks.  

Man studying computer screen
Creative Commons attribution information
Man studying computer screen
©Laurence Dutton via iStock
All rights reserved

We are running three webinars this week (16, 17 and 18 March) where we will share further information, and answer questions. 

Occurring at many organisations internationally, this recent increase in ransomware attacks follows the spate of incidents in late summer 20201, although it’s important to note that our sector is no more a target than any other.    

To help protect the Janet Network on which our members rely, we have put in place mitigations against multiple IP addresses via the Janet Network Resolver Service

How to protect yourselves

It is equally important that colleges and universities check that they have taken all possible steps to protect themselves. We've outlined the ten steps, and how our services can help with each of these, on our cyber security page.

Patch all Microsoft Exchange servers

Janet CSIRT issues evidence-based alerts, such as recent notifications about critical vulnerabilities in Microsoft Exchange servers. These vulnerabilities have the highest possible vulnerability score, meaning they are easy to exploit and that successful attacks will lead to full compromise of on-premise Microsoft Exchange services. It is therefore critical that all Microsoft Exchange servers are patched immediately.   

Implement two-factor authentication

Threat actors also target single-factor log-on with either stolen credentials, password stuffing or credentials acquired via phishing. Compromised credentials are being used to breach remote services, which has led to internal systems being affected. We strongly recommend implementing two-factor authentication2

Act on 'critical actions'

Security contacts at member organisations will have received notifications of critical actions from Janet CSIRT, so please ensure these are acted on. Jisc also used the Academia Group on the National Cyber Security Centre's CiSP platform. If you need access to CiSP please ask your security contact to request sponsorship from CSIRT.   

Further information

Sign up for one of this week's free online cyber security briefing events:

The Janet Network Resolver Service is included in Jisc membership

Members can gain further advice and guidance from our computer security incident response team (CSIRT). Contact irt@csirt.ja.net or call 0300 999 2340. 

A whole day at our forthcoming Networkshop49 is dedicated to cyber security. This year's event takes place online between 27-29 April 2021 and is free to Jisc member organisations. Book your place.

Footnotes

0 Comments

Leave your comment
(If you're a human, don't change the following field) Your first name.
(If you're a human, don't change the following field) Your first name.