Déjà vu: Cyber Criminals Launch New Ransomware Attack
Cyber criminals are at it again. (Truthfully, cyber bad guys never sleep.) Just weeks after the WannaCry ransomware attack threatened organizations around the globe, a new ransomware exploit—called “Nyetya” by the Cisco Talos threat analysis team—has grown from roots in the Ukraine to spread across Europe and to the U.S. and Asia, affecting organizations of all types, including government agencies, banks, and transportation and manufacturing facilities. (To date, no education institutions have reported a Nyetya attack, but keep an eye on the latest from Cisco Talos for updates.)
Nyetya enters vulnerable systems and encrypts the master boot record, spreading from there through the network. As was the case with WannaCry, regular software patching is an early line of defense; those systems that don’t take advantage of regular patches are most vulnerable.
“Prioritize cyber-hygiene,” that is, ensuring regular software patching and rigorous password management, is one of three guiding security principles I wrote about in my blog about WannaCry: Held for Ransom(ware): Protecting Your School—and Data—from Current Cyber Threats. The importance of prioritizing cyber hygiene and two other security principles, “assume that breaches have taken place” and “build user awareness,” are proven best practices for schools, colleges, and universities working to ensure security and protect data; these security principles are relevant, and essential, regardless of what a cyber threat is called. You can read more in the Cisco whitepaper Tackling the Ransomware Threat: Guidance and Recommendations for Schools and Universities. You can also find more information about Nyetya, and learn how to protect your campus and those who live and work there from any ransomware threat, here.