When we hear “ransom,” we tend to think about wealthy kidnap victims and dropping off large sums of money at shady locations. Although it sounds like a nightmare straight out of a blockbuster film, hostage situations happen more often than you think in real life.

With advanced technology, the captors of today have new targets to take hostage. A clever hacker and an ill-guarded server are a terrible combination for sensitive data.

Let's look at why ransomware has become such a massive threat to universities.

What Is Ransomware?

photo of group studying at table

Ransomware refers to malicious software that allows scammers to take information hostage. The program encrypts targeted data, making it unreadable until the hacker hands over a “key” to decode the hostage information.

Attackers give a ransom to the victim, usually a large sum of money to be paid through cryptocurrency a specific time limit (generally between 24 and 48 hours). Upon receiving the requested ransom, attackers give the victims the key to decode the information—or so they say.

In some cases, hackers never hand over the keys. Since the entire transaction is illegal, there is not much you can do. Cryptocurrency doesn’t “do refunds” and is challenging for the police to track. The encryption used is often so complex that the targeted data is lost forever.

Typically, ransomware does not expose your data at all. Attackers usually don’t have any copies of your information; they just remotely “lock” it and have the “key” on a private server.

Software gets onto university computers in several different ways. Most often, fraudulent email campaigns sent to institutional emails are the culprit.

Why Do Universities Need to Worry About Ransomware?

Scammers target more than big companies. Ransomware attacks target several unsuspecting institutions, like healthcare services and research labs.

Whether you are writing your master’s thesis to a tenured professor you probably work with important data. Imagine spending months, or even years, working on a project—only to lose access to all of your data one day.

Scammers have already recognized the vulnerability of university members, meaning that many unfortunate scholars have faced these outcomes. Universities may have some funds, but many don’t have spare change lying around to deal with these ransomware attacks.

On an individual level, professors and starving students usually don’t have the money to meet these considerable demands that may cost millions of dollars.

Universities are a prime spot for research and rely on having access to data for this. Losing all this information could derail graduation, lose a publication, and waste thousands of dollars in funding money.

How Does Ransomware Affect Students?

photo of an annoyed student

Some competitive universities race with other institutions to beat their rivals to publications. A setback like a ransomware attack can destroy any chances of getting that publication first.

Imagine being that poor student whose months or years of research amounted to nothing on a smaller scale. You can’t publish information on what you don’t have. Students falling victims to attacks may need to start from scratch and extend the duration of their studies—which can easily cost thousands of extra dollars depending on your university.

How to Protect Yourself Against Ransomware

Prevention is the best approach to tackle ransomware, and, luckily, it is straightforward. Consider taking the following steps to avoid compromising your essential data.

Install Antivirus Software

Make sure that all university computers have robust antivirus software. While this software doesn’t block all malicious software, it is crucial for giving your devices their best shot at security.

Keep Data on University Computers

Many universities restrict which devices have clearance to store research data. Limiting data storage to these university-only computers helps ending up with malicious software accidentally downloaded after watching TV on a sketchy streaming site or clicking on a pop-up.

Sometimes, these computers are also completely offline, taking away any chance of encountering new data.

Screen Suspicious Emails

Don’t click any links or download any suspicious attachments on emails you are not expecting. Scammers may disguise their emails so that they look legit or scare you into opening them.

Pay attention when your university sends you warnings about different scams happening within your email network, as you may be next.

Invest in Cyber Insurance

Cyber insurance is a fantastic way to keep yourself protected, just in case. However, subscriptions are more of an institutional thing than an individual thing. Not all cyber insurance covers ransomware, so be sure to familiarize yourself with your contract. Premiums of insurances they do cover ransomware attacks may be hefty.

Mandate Cyber Security Training

Sometimes, many different people work with the same data. Everyone must know these risks so that somebody else’s actions don’t negatively impact a research project.

Cyber security training is essential for anyone that works with computers.

Back Up Your Data

Above all, back up all of your data. You should save your data in as many places as possible. This practice is good outside of the world of ransomware as it prevents you from losing all your information due to a faulty hard drive or misplaced laptop.

Many institutions recommend saving a copy on a local network, the cloud, and a protected external hard drive.

Action Points After a Ransomware Attack

classroom

If you get a notification that a ransomware attack occurred, be sure it happened before you take any extreme actions. Sometimes, it is just a threat.

As long as you correctly backed up the data, you usually have nothing too intense to worry about. However, it would help if you took measures to ensure no other data becomes compromised and alert your IT department about the threat.

If you need this data, talk to your IT department about your options. You may have insurance coverage, but keep in mind that sending the money does not necessarily mean the scammers will follow through with giving you the key.

Should I Worry About University Ransomware Attacks?

Ransomware attacks are rare, but they do happen. Taking the precautions to protect yourself against ransomware is simple and saves you tons of stress in the long run.

University students and faculty should be aware of these threats; several academic institutions have fallen victim to these scams. Make sure you're not the next to do so.