As part of our ongoing commitment to cybersecurity, we want to share insights from recent security incidents affecting universities. The following examples underscore the importance of vigilance and proactive measures to safeguard our work environments. Let’s delve into the breaches and explore steps we can take to protect our data:

University of California, San Francisco (UCSF) Ransomware Attack

What Happened? In March 2024, UCSF fell victim to a ransomware attack. Malicious actors encrypted sensitive data, leading to a payment of $1.14 million to regain access.
Lesson Learned: Regularly back up critical data to prevent data loss during ransomware attacks. Educate employees about phishing emails and suspicious attachments.

University of Maryland Global Campus (UMGC) Data Breach

What Happened? UMGC suffered a breach affecting 300,000 students and staff. Unauthorized access exposed personal information, including names, addresses, and social security numbers.
Lesson Learned: Implement robust access controls. Limit access to sensitive databases and regularly audit permissions. Encrypt stored data to mitigate risks.

University of Colorado Boulder (CU Boulder) Email System Compromise

What Happened? Cybercriminals attacked CU Boulder’s email system, gaining unauthorized access to faculty and student accounts.
Lesson Learned: Enable multi-factor authentication (MFA) for email accounts. MFA adds an extra layer of security by requiring a second form of verification.

Protecting Our Work Environments: Best Practices

1. Stay Informed: Regularly review security updates, advisories, and threat intelligence. Awareness is our first line of defense.
2. Strong Passwords: Use complex passwords or passphrases. Avoid reusing passwords across accounts. ** Note: While some users use their University email address to sign up for services, your University password should never be used to authenticate to those sites and services. **
3. Phishing Awareness: Be cautious of suspicious emails, especially those requesting sensitive information or urging immediate action.
4. Data Encryption: Encrypt sensitive data at rest and in transit. Encryption prevents unauthorized access even if data is compromised.
5. Access Controls: Limit access to critical systems. Regularly review permissions and revoke unnecessary privileges.
6. Backup Data: Regularly back up critical files. Test data restoration processes to ensure backups are reliable.
7. Multi-Factor Authentication (MFA): Enable MFA wherever possible. It significantly enhances account security. ** Note: This is good practice for your personal accounts as well. **
8. Incident Response Plan: Develop and practice an incident response plan. Know whom to contact in case of a breach. When in doubt, the OIT helpdesk is always available for guidance.

Remember, cybersecurity is everyone’s responsibility. By following these practices, we contribute to a safer work environment and protect our valuable data. Stay vigilant, stay secure!