UCL Hit by Ransomware
University College London (UCL) were the victims of a major ransomware attack that took place on Wednesday evening. The attack was so severe that the IT department had to restrict access to shared drives on the university’s network.
The IT security team at UCL believe that the network was exposed to the ransomware via a phishing email that was opened by some users. The malware then encrypted files on both local and network shared drives. UCL believes that this could be a zero-day attack as their security systems in place did not detect anything suspicious.
‘It is vital we all maintain a high level of vigilance when opening unexpected emails. If the email is unexpected or in any way suspicious then you must not open any attachment or follow any link in the email. Doing so may lead to loss of your data and very substantial disruption to the university,’ said the UCL Information Services Division (ISD).
The ISD have only allowed users to access files in read-only mode in order to reduce the ransomware spreading. The ISD stated that they are working to ensure that the malware has been contained and when they are confident that they have done so they will restore the affected drives from the most recent backup. Users have been told to report any suspicious emails that they may receive.
(Source: UCL Information Services Division)
Cloud Services Failing to Meet GDPR
According to studies carried out by cloud security firms, the majority of cloud services used around the world do not meet the required standards to be complaint with the EU GDPR, which puts them of potentially receiving massive fines.
The analysis was carried out on 23,000 cloud services between January 2017 and March 2017. It found little change in the way in which cloud services operate to achieve compliance with the GDPR. 67% of the services did not specify that the consumer owns their data in their terms of service, with 90% not supporting encryption of data at rest. Another worrying issue is that 41% moved data across geographically dispersed data centres. This puts firms that are using these cloud services at risk of receiving a maximum fine of 4% of their global annual turnover or £20m for serious non-compliances.
“It’s critical that organizations implement solutions that afford real-time visibility and control, data loss prevention, and threat protection for these services – and the many ecosystem services they connect to – to ensure that collaboration is not hindered and their sensitive data remains secure,” Netskope.
(Source: Infosecurity Magazine)
76% of Ransomware Attacks Strike Via Email
Email is still the number one ransomware threat to firms, with 76% of ransomware attacks starting with a malicious email. Email is one of the most used communication channels in many firms across the globe, which makes it a popular attack vector for attackers. Barracuda found from a survey that phishing and spear phishing is still a very worrying threat for organisations.
“Whether you are a mid-sized business with limited staff and resources, or a 10,000-employee organization with a dedicated security team and budget—we are all feeling the impact of these attacks,” said Hatem Naguib, senior vice president and general manager for the security business at Barracuda.
The results from the survey found that more than half of those who answered admitted to being targeted by malicious attackers, with 84% stating that their organisation felt a significant impact as a result. A vast number of organisations had been targeted on average by 5 different cyberattacks, and nearly half of these targeted more than 5 times.
Another study conducted by Barracuda found that 92% of people questioned are concerned about ransomware affecting their organisation, and nearly half (47%) of those questioned had already been a victim of ransomware. Around 1 in 5 admitted a temporary closure of business or a loss of customers altogether.
These phishing attacks rely massively on human error, organisations must ensure that they prepare with an effective and layered security strategy. Advanced threat protection and malware filtering at the gateway will help organisations to keep threats away from their network. It is very important for organisation to educate their staff in spear phishing attacks, to prevent them from being tricked into highly-personalised attacks.