NCSAM Special Edition: Ransomware 101

by Elizabeth Parsons, IT Services

For our first installment of National Cybersecurity Awareness Month (NCSAM), we are taking a deeper look into the very real dangers of ransomware, what impact it has on higher education, and what we’re doing about it at Miami.

But first: What is ransomware? Let’s take a step back and define some key terms and important concepts for this special edition of NCSAM news.

What’s in a name: Ransomware

You’ve heard of malware: malicious software that creates havoc on your computer systems and generally makes it difficult to use your devices. A Trojan horse is the quintessential example of malware that can take over a system and shut down programs – making your computer basically unusable.

Dark monitors with green type marching across; quintessential iconography for cybersecurity

Ransomware is a more sophisticated kind of malware (as though malware itself wasn’t scary enough) that gets into your files and encrypts them, making it impossible to access your data until you acquiesce to one or several demands. When you hear “ransom,” maybe it conjures images of hastily scrawled notes with instructions to bring bags of money to a remote location in order to rescue a kidnapped family member. Ransomware works in much the same way, except the “family member” is your personal data (or files containing your data) and instead of bags of money, you are expected to wire exorbitant amounts of cryptocurrency to a malicious actor’s account. Basically, your files are being held hostage.

You can imagine the issues this causes, especially when those files belong to a business. Many organizations have no choice but to close their doors either temporarily or permanently due to loss of revenue and reputation. And even if a business does choose to pay the ransom to have their files unencrypted, there is no guarantee that there won’t be a loss of data.

Higher education pays the ransom

A laptop with a Miami-red screen

Ransomware presents a real threat to higher-education organizations. In a survey of higher-ed IT professionals, nearly two-thirds of institutions reported ransomware attacks in 2021. The attacks are getting closer, becoming more sophisticated, and growing more frequent. Earlier this year, Lincoln College shut down after a devastating ransomware attack disrupted the recruitment and admissions processes and fundraising activities for the school.

“Ransomware attacks against higher education totaled over 1,000 in 2019 and 1,681 in 2020,” said John Virden, chief information security officer (CISO) and assistant vice president of security, compliance, and risk management at Miami. “Some even choose to pay ransoms in the six- and seven-figure range.”

The stark truth of the matter is that that kind of ransom can break an institution. And that’s why it’s critical for us to spread information about how to combat these types of threats.

It’s up to all of us at Miami!

At Miami, our Information Security Office has long advocated for greater education, more training, and higher awareness around cybersecurity topics. The danger of ransomware is real, yes, but we can combat it with education. One of the ways we have been spreading awareness about what to do if a ransomware attack occurs at Miami is by hosting “tabletop exercises.” During these events, participants are given real-life scenarios and asked to play out how they would respond.

The danger of ransomware is real, yes, but we can combat it with education.

“There aren't any 100 percent guarantees that we're safe from vulnerabilities or a disaster,” said Jake Harrison, security analyst with the ISO. “We can't predict the future. We can plan for these kinds of events, though, and we can test those plans through tabletop exercises.”

Essentially, the tabletop exercises are scenario-based discussions where participants talk through this kind of emergency situation. “Tabletops let us get input on our plans in the form of ‘what if’ questions, and give us the opportunity to talk about those questions without the building being on fire around us,” Harrison said.

In 2021, higher-education institutions were the slowest to recover from ransomware attacks, with an average remediation cost of $1.42 million. Exercises like these tabletop scenarios help us increase response times and decrease the danger.

“Think of them in a similar fashion to the fire drills we did in elementary school,” Harrison continued. “We would practice each step of the process to make sure we all ended up safe outside in our designated location.”

The tabletop exercises, more employee training, and greater awareness of how to be safe online are all part of maintaining a healthy cybersecurity posture, as well as key software and tools that the ISO uses to protect our systems. And the biggest thing to remember is that it’s all of our responsibility – as Miami employees and stewards of student data – to think critically about how we contribute to that overall security outlook.

“Vigilance on all our parts is key now more than ever,” Virden said. “And protecting your data helps us protect Miami’s data.”