Message from Fiona Ryland on cyber security and ransomware

There has been a lot in the news about ransomware lately. You may have seen that there has been a significant rise in targeted attacks against Universities around the world. Recently in the UK both Northumbria and Newcastle Universities have had ransomware infections causing significant disruption.

Ransomware is the fastest growing malware threat that we face at the moment, targeting users of all types—from the home user, businesses and universities alike. We do have security controls and technology in place to proactively protect both you and UCL, but we also need all of you to be vigilant. 

What is ransomware?

Ransomware is a type of malicious software (malware) that locks a user out of their computer or files until a ransom is paid. The ransomware typically displays a message letting the victim know that they have been locked out of their machine and data, along with instructions for how much and how to pay. If the device is connected to UCL’s network it can spread rapidly, locking out other devices as it spreads. 

Ransomware is often spread through use of stolen login credentials, malicious links and harmful attachments in emails; however, this is not the only mechanism. Other sources include vulnerable applications and files, and adware/spyware.

How to protect yourself and UCL

The following good cybersecurity habits will help to protect you from ransomware, and many other cyber threats as well:

1. Back up critical files, and store the backups in a physically separate and offline location from the originals. The ISD provided storage solutions (including the N: and S: drives that most Desktop@UCL users will be using) are routinely backed up both online and offline. If you have data stored locally, such as the C: drive or on removable storage, make sure you regularly back this up. If your files are backed up, you can get technical assistance to restore everything back to your computer and you won’t lose anything important. Remember to test your backups periodically - backups are useless if they don’t work. 
2. Always think twice before clicking on links or opening attachments. even if they look like they're from someone you know. Whenever possible, go to web pages by a path you know is legitimate instead of clicking on a link in a message. If an attachment is unexpected, contact the sender by a method you know is legitimate to confirm they sent it. This small extra effort is one of the best ways to keep your devices and information safe.
3. Keep a clean machine! Keep your devices, apps and browsers patched and up to date and ensure your device is running Anti-Virus software and that it is configured to auto-update. Recent attacks have taken advantage of unpatched/out-of-date operating systems. All Desktop@UCL machines are automatically updated and local IT Teams will make sure your systems and applications are up to date. However, if you manage your own devices, you should use the public updating services of the device vendor, operating system and applications that you have.
4. Protect your passwords, and use multi-factor authentication wherever possible. Also use different passwords for university and non-university activities. UCL staff can use LastPass,a password manager that allows you to store all of your passwords encrypted in one place. 
5. If it’s suspicious, report it! This is an important habit in general; if something doesn’t seem right, ask. With respect to ransomware, if you think a device or files you use for work have been infected with ransomware, report it to the UCL Information Security Group as quickly as possible, with ransomware time is a critical factor.

What should you do if you get ransomware?

Please urgently contact the UCL Information Security Group by email at isg@ucl.ac.uk or by calling 0207 679 7338 (internal 37338).

Best wishes,

Fiona Ryland
Chief Operating Officer, UCL

More about cyber security

• Visit Information Security’s website for more technical advice
• Find out more about ransomware from the National Cyber Security Centre