Colleges are becoming a more popular target for Ransomware Attacks as most of us work from home. In recent weeks, several colleges near us including two community colleges, have been victims of ransomware attacks, some of them resulting in class cancellations and closures, and significant financial cost; ransomware attacks, on average, cost in excess of three million dollars per attack.
What is Ransomware?
In ransomware attacks hackers take away access to computer resources and then demand money to restore that access. If that fails, the attackers then threaten to publicly release the confidential student and employee data to continue their extortion. Typically the first step in a Ransomware attack is gaining access via a Phishing attack.
What is Phishing?
Phishing attacks are email based attacks that attempt to compromise a user’s credentials by stealing passwords, or installing malware on their computer. Typically phishing emails have an embedded link, or an attachment. Fake OneDrive, Dropbox, Google Drive and the like links are often used. Often these emails attempt to entice you to click on the link or open the attachment with the promise of financial gain, really cute cat videos, or telling you a file has been shared with you. Other times, they may attempt to create a sense of urgency by claiming there is a problem, or masquerading as an email from a person of authority to get you to login at the fake link provided in the email so they can steal your password. Once you click, the ransomware software is downloaded to your computer and starts tunneling into your and our systems to steal information to resell (names, addresses, social security numbers, etc.) and/or lock your and our access to systems for ransom.
We have a new feature to our email system that allows reporting of suspected phishing. You may see this icon if you are running outlook:
Please be cautious with email, your MiraCosta password, and with your data. Watch this video for more information about Phishing. If you suspect you clicked on Phish or that your password may be compromised, please contact the Student Helpdesk.