Security breaches from hackers can not only identify vulnerabilities in your servers but result in a loss of business, trust, and potentially having sensitive information shared online by ransomware actors.
Two recent breaches by a ransomware gang illustrate the cyber dangers facing organizations.
Ransomware group Clop recently published some of the data they managed to obtain from 447 of the 35,000 students at the University of Colorado and patient data from the University of Miami.
Bleeping Computer identified that cybercriminals from ransomware group Clop have been targeting Accellion FTA servers with the sole aim of stealing sensitive data. Since contacting both the University of Miami and the University of Colorado, the group has demanded the transfer of $10 million in Bitcoin not to release the data.
They started to leak the information they gained access to pressure the organizations to pay and meet their demands.
How Was The Data Breached?
The data breach has been traced back to Accellion, a third-party provider of hosted file transfer services. Officials from Miami have released a statement acknowledging the university was investigating a ‘serious data breach. It is believed that the breach was limited to files only moved by Accellion that were too large to send via email. No other servers have been affected by this breach.
The University of Colorado has said:
“While the full scope has not yet been determined, early information from the forensic investigation confirms that the vulnerability was exploited and multiple data types may have been accessed, including CU Boulder and CU Denver student personally identifiable information, prospective student personally identifiable information, employee personally identifiable information, limited health and clinical data, and study and research data.”
Security Attacks on Universities
Universities have traditionally been a soft target due to the lax security in place to facilitate free movement of thoughts and ideas. This data breach comes as no surprise to those in the industry as cybersecurity takes a back seat to the openness encouraged on campus. That doesn’t mean that they don’t take any breaches seriously.
Cybercriminals targeted educational institutions due to the rapid expansion of remote learning and working that followed the onset of the COVID-19 pandemic.
Ransomware attacks such as this are not only plaguing institutions such as universities but the general population too. The attacker’s ability to monetize their ill-gotten gains puts everyone at risk. The more they can get away with accessing vital and identifying information on others, the longer they will continue down this path. The only difference in this scenario is that the released information wasn’t encrypted. Instead, they chose the exfiltration of data.
Protecting Against Data Breaches
Prevention is better than firefighting, and in this case, the cost of putting out the fire was a ransom of $10 million in Bitcoin. Installing a Next-Generation firewall will offer a better protection level and help prevent serious cybersecurity threats. Consulting with a Denver IT company will help you explore your options.
Segregate networks, ensure your system is set up to identify and minimize ransomware attacks, and always keep backups in case of a total data loss due to a successful ransomware attack. Remember to regularly train and stress the importance of employee behaviors regarding cybersecurity and their actions online, as in some cases, this is how the ransomware has managed to access the servers.