Tuesday, July 7, 2020

Ransomware continues to threaten scientific research

The recent IT Security Incident at UCSF reminds us that ransomware attacks continue to threaten scientific research on our campuses. Ransomware has been a threat to our community for many years -- our 2016 blog post on the topic is still relevant. Sophos (via REN-ISAC) provides a detailed analysis of the Netwalker ransomware that is being used in recent attacks. Additionally, the NIST Cybersecurity Practice Guides on Data Integrity (SP 1800-11 and SP 1800-26) include advice on preparing for ransomware (and related) attacks, including configuration change control, backups, encryption, integrity checking, audit logging, monitoring, and incident response planning. Also, the National Student Clearinghouse Ransomware Playbook provides a reference process for handling Ransomware incidents.

Do you have concerns about ransomware? Resources or best practices to share? Join our email discussion list.