Ransomware: An online menace

Ransomware is a type of malware that can lock users and organizations out of their data and infrastructure. Attackers then demand payment to return access to and not expose affected data. Ransomware has immense impact on any institution — from shutting down operations to losing years of research.

Ransomware has become one of the biggest cyber threats globally. In fact, a recent report shows that there was a 104 per cent surge in ransomware attacks last year in North America and a 105 per cent increase globally.

Many organizations are losing billions of dollars to these attacks, trying to regain access to their stolen data. According to a study by Telus, almost half of surveyed Canadian organizations that suffered a ransomware attack paid the hackers in hopes of getting their data back, and most of them did not regain access in the end.

How does ransomware affect the University of Toronto?

With the current geopolitical situation, it is likely that ransomware attacks could target the University and cause significant damage to the University and its community.

How can I protect myself and my data from ransomware?

Here are some resources to help you stay secure online and protect your data.

  1. Don’t click any links, download attachments or engage with the sender if you receive a suspicious email. Also, do not forward or share the email with your colleagues and other contacts.
  2. Ensure you set up unique and strong passwords for all your personal and professional accounts. Strong passwords are your first line of defence.
  3. Multi-factor authentication (MFA) adds an additional layer of security to your accounts. It also enables you to work remotely with confidence. Enrol in U of T’s UTORMFA to stay secure online.
  4. Make sure you backup your device and store the data where they are protected from access by others. If you lose your data due to a ransomware attack or a malicious person corrupts your data, your backups are critical for recovery.
  5. Report suspicious emails or computer activity to report.phishing@utoronto.ca and then delete it from your inbox. If you have already clicked on a link or attachment, please contact security.response@utoronto.ca.

If you work with self-managed devices (home computers, laptops, phones, etc.) and access institutional data, ensure you secure your devices by taking the following steps:

  1. Use supported versions of operating systems.
  2. Patch and update the operating system and software/applications regularly (ideally automatically) to correct security vulnerabilities.
  3. Have fully enabled, automatically updating anti-virus software.
  4. Protect devices with a strong password and/or biometrics.

Visit the Ransomware Risk page for more information on to prepare and protect data, devices and users.

Keep visiting the Security Matters website regularly for tips and information on how to stay secure online.

Additional resources about ransomware

Information security news roundup: Ransomware on the rise in Canada

Cyber attacks have increased at an alarming rate with the current geo-political situation being a major contributing factor. The National Cyber Threat Assessment 2020 published by The Centre for Cyber Security suggested a potential increase across Canada in cyber crimes, ransomware and commercial espionage — particularly against businesses, academic institutions and governments to steal intellectual property and proprietary information.

Let’s look back at some interesting information security and ransomware related news in recent months.

Two Canadian Universities hit by cyber attacks

Simon Fraser University and Lakehead University reported that they were hit by cyber attacks in February.  Although the universities did not confirm whether it was a ransomware attack, they advised students and staff to monitor their accounts, change their passwords and enrol in multi-factor authentication (MFA).

Data breaches can result in the loss of personal, institutional and other sensitive information. Learn how to enrol in MFA to add an additional layer of security to your online accounts.

Hackers getting clever with phishing emails

It is often said that hackers stay one step ahead of you by constantly changing their tactics. In a recent blog post by Mount Royal University, it was reported that phishing emails with fake invoices from MasterClass (an online educational platform) were sent to the university community and hackers asked recipients to respond with their credit card information for a refund.

Often, phishing emails are made to look like they are from a legitimate source, which can lead recipients to respond, causing further damage. Check out the Phish Bowl for examples of phishing emails received by members of the University of Toronto (U of T) community to help you identify and report suspicious emails.

Ransomware attacks increasing at an alarming rate in Canada

A recent article published by MaRS explained how ransomware attacks have been increasing in Canada with small businesses losing up to billions to cyber attacks. In fact, a survey done by Canadian Internet Registration Authority (CIRA) also found that nearly 70 per cent of Canadian organizations that experienced ransomware paid the hackers to regain access to their data.

Last year, U of T launched a ransomware awareness campaign called Expect Ransomware to provide the community with resources, tips and tools to protect their accounts and to stay secure online.

Ransomware is a an ongoing and evolving cyber threat. Stay tuned for the Expect Ransomware 2.0 campaign launching soon that will provide you with updated resources, tips and tools to protect yourself and your loved ones online.

Federal government may make reporting cyber attacks mandatory

Public Safety Minister Marco Mendicino has said that the federal government might make it mandatory for Canadian businesses and organizations to report cyber attacks. Mendicino also emphasized that the current geo-political situation has increased the threat of cyber attacks.

Staying safe and secure online can be done through simple but effective steps. Explore the educational resources on the Security Matters website to learn how to stay secure online.

Bonus read: Isaac Straley, U of T’s Chief Information Security Officer has called for a revamp of the national cyber security strategy in an op-ed published in The Hill Times.

Information security news roundup: Ransomware attacks, text message scams and cyber security training

In recent years, headlines about information security incidents have become increasingly common both nationally and internationally. Cyber criminals steal passwords, personal information and other sensitive data through various types of cyber attacks. Staying up to date with cyber security news and knowing how to stay safe online will help protect your personal information.

Take a look at some interesting information security related news in the recent months.

Making ransom payment no assurance of getting data back: Telus

Ransomware attacks have been making headlines almost daily around the world. According to a recent study by Telus, almost half of surveyed Canadian organizations that suffered a recent ransomware attack paid the attacker in hopes of getting their data back, however, most did not get access back to their data.

Ransomware attacks can have significant impact – in the worst cases, shutting down operations entirely and risking loss of critical information. Learn how you can protect yourself from ransomware.

Winnipeg Regional Health Authority warns public of text message scam

The Winnipeg Regional Health Authority (WRHA) reported that people are receiving text messages claiming to be from the WRHA, asking recipients to click on an e-transfer link. This scam was reported to the Canadian Centre for Cyber Security.

This form of phishing that uses fraudulent text messages is called “smishing”. Learn more about the types of scams and frauds and how to protect yourself.

Panasonic Canada acknowledges cyber attack

Japanese electronics conglomerate Panasonic has reported that its Canadian operations were struck by a cyber attack in February after ransomware-as-a-service (RaaS) gang Conti leaked its data to the dark web. The company confirmed that action was taken to address the issue with assistance from their cyber security experts and service providers.

Check out the educational resources on the Security Matters website to learn how to stay safe online.

Cyberbreach at Rideau Hall was ‘sophisticated’ intrusion, internal documents reveal

In December 2021, Rideau Hall reported a breach of internal networks in the office that supports the governor general. Now, new documents have revealed the breach was a sophisticated cyber incident, although the office was unable to confirm the extent of the information that was accessed.

Cyber breaches can lead to loss of sensitive data and reputational damage. Timely reporting of incidents can help mitigate their impact.

University of Calgary and Raytheon Canada partner to open new cybersecurity training centre

The new Canadian Cyber Assessment, Training and Experimentation Centre (CATE) will support students in building their skills in cyber security.

At U of T, building a security aware culture is critical for protecting individuals and the university against security threats. Recently, the University partnered with the Canadian Internet Registration Authority and ORION to pilot an Information Security Awareness platform as part of building a security aware culture at U of T.

For more tips on staying safe online, visit the Security Matters website.