Ransomware is a type of malware that can lock users and organizations out of their data and infrastructure. Attackers then demand payment to return access to and not expose affected data. Ransomware has immense impact on any institution — from shutting down operations to losing years of research.
Ransomware has become one of the biggest cyber threats globally. In fact, a recent report shows that there was a 104 per cent surge in ransomware attacks last year in North America and a 105 per cent increase globally.
Many organizations are losing billions of dollars to these attacks, trying to regain access to their stolen data. According to a study by Telus, almost half of surveyed Canadian organizations that suffered a ransomware attack paid the hackers in hopes of getting their data back, and most of them did not regain access in the end.
How does ransomware affect the University of Toronto?
With the current geopolitical situation, it is likely that ransomware attacks could target the University and cause significant damage to the University and its community.
How can I protect myself and my data from ransomware?
Here are some resources to help you stay secure online and protect your data.
- Don’t click any links, download attachments or engage with the sender if you receive a suspicious email. Also, do not forward or share the email with your colleagues and other contacts.
- Ensure you set up unique and strong passwords for all your personal and professional accounts. Strong passwords are your first line of defence.
- Multi-factor authentication (MFA) adds an additional layer of security to your accounts. It also enables you to work remotely with confidence. Enrol in U of T’s UTORMFA to stay secure online.
- Make sure you backup your device and store the data where they are protected from access by others. If you lose your data due to a ransomware attack or a malicious person corrupts your data, your backups are critical for recovery.
- Report suspicious emails or computer activity to report.phishing@utoronto.ca and then delete it from your inbox. If you have already clicked on a link or attachment, please contact security.response@utoronto.ca.
If you work with self-managed devices (home computers, laptops, phones, etc.) and access institutional data, ensure you secure your devices by taking the following steps:
- Use supported versions of operating systems.
- Patch and update the operating system and software/applications regularly (ideally automatically) to correct security vulnerabilities.
- Have fully enabled, automatically updating anti-virus software.
- Protect devices with a strong password and/or biometrics.
Visit the Ransomware Risk page for more information on to prepare and protect data, devices and users.
Keep visiting the Security Matters website regularly for tips and information on how to stay secure online.