At the risk of appearing to hammer the topic to death it is time to take another crack at warnings about Ransomware Malware attacks.
This time of year is potentially even more challenging to IT managers and users alike as everyone is rushing to get things done before the holiday season really locks in. It means that normal caution can easily be thrown away as people try to clear their email, deal with online activities and perhaps not take that extra two seconds that avoidance can take.
Why now? Simply because the predators can. A recent IT World Canada article outlines how late last month Carlton University had over 3000 of their computers affected, some in research labs by an attempted ransom ware attack. It appears that the IT people got it under control pretty quickly and it was isolated to only a portion of the university network.
It did mean however that thousands of students, faculty and administrators were unable to use the network for a period of time while the details of the attack were sorted through. Eventually, users were advised they could login to their network but many hours of productive time was lost due to the issues.
Another attack in Calgary saw that university paying out $20,000 to the ransomers. Again much time and effort was expended to deal with the circumstances. These are just two of the known instances where Canadian organizations have been impacted by such attacks.
The are for certain many others where users and organizations have not publicized their problems with malware.
For some reason Canada is reported as being more prepared to send compensation for removing the attack when compared to other jurisdictions. Why this would be the case is subject to speculation but unfortunately if it gets known in the perpetrators world it could lead to Canadian targets becoming even more frequent.
The first line of defense is the users on the network. Encouraging everyone to take a little time to investigate whether an email from an unfamiliar source is legit. If a user is not CERTAIN of the sender then the default response should be to NO OPEN IT. Either delete it and take the chance someone legit has to try again, or contact IT support to have it checked out.Read More