Ransomware has been one of the top information security concerns for years, but in 2020 we have seen a disturbing new trend. In traditional ransomware attacks, data was encrypted and a University would have the opportunity to pay to have the data un-encrypted. Now the attackers will auction the data on the “Dark Web” if the ransom is not paid. In a recent, high profile case Michigan State University decided not to pay a ransom, thereby, releasing sensitive student information.
Basic Steps to Protect Lehigh from Ransomware attacks
- Data Hygiene – Reduce the amount of sensitive data that you store. Don’t keep 6 copies/versions of a file with sensitive data.
- Data Backups – Make sure your data is backed up. Store your data in one of the centrally managed network storage locations so your data is appropriately backed up and can be restored if lost.
- Keep Lehigh Data at Lehigh – Don’t put sensitive Lehigh on your home computer! This makes your home computer a target to organized crime and violates our data security policies.
- Security Training – Enroll in the Be Well Security Training course. The course is a series about 20 short (~3 min) videos that cover the basics of how to protect yourself and Lehigh.
If you have any questions or concerns please contact the Office of Information Security at email@example.com.