You may have seen in the news that Dundee and Angus College have recently fallen victim to a ransomware attack and had to take their IT systems offline. There is information about the attack on the college website and you can read related news coverage here and here.
Ransomware attacks are on the rise and Universities and Colleges are increasingly targeted.
The Dundee and Angus attack was an example of sophisticated ransomware called Ryuk. Ryuk uses encryption to block access to a system, device, or file until a ransom is paid. It is distributed through malware (trojans) and spreads quickly through a network. The threat usually arrives as an e-mail with attachments and/or links that when opened will encrypt files on your local PC, and in some cases, any network file stores that you have “write” access to.
It is important at this time to be extra vigilant. Do not click on any links or attachments in emails that are unsolicited or unexpected. Remember that malicious emails can sometimes come from compromised accounts e.g a Stirling account. Always treat attachments and links in emails with care.
Remember to watch out for key signs of a phishing email: bad grammar, bad spelling, unexpected sender, improbable content. Read more about how to identify bogus emails Phishing, Vishing and Smishing post.
You can also browse more examples of phishing emails in our New Phishing Attack post.
See how an effective ransomware attack comes together in Cisco’s Ransomware – Anatomy of an Attack video.
If you are ever in doubt about the authenticity of an email, please don’t hesitate to forward it to the Information Centre (details below) and we can advise you. If you do receive an email from a possibly compromised Stirling account, it helps us if you can also forward it. We can often take action to block further occurrences and remove the offending email from university inboxes.