Frame-14

Privacy Ninja

        • DATA PROTECTION

        • Email Spoofing Prevention
        • Check if your organization email is vulnerable to hackers and put a stop to it. Receive your free test today!
        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • AntiHACK Phone
        • Boost your smartphone’s security with enterprise-level encryption, designed by digital forensics and counterintelligence experts, guaranteeing absolute privacy for you and up to 31 others, plus a guest user, through exclusive access.

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$3,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Secure your digital frontiers with our API penetration testing service, meticulously designed to identify and fortify vulnerabilities, ensuring robust protection against cyber threats.

        • Network Penetration Testing
        • Strengthen your network’s defenses with our comprehensive penetration testing service, tailored to uncover and seal security gaps, safeguarding your infrastructure from cyber attacks.

        • Mobile Penetration Testing
        • Strengthen your network’s defenses with our comprehensive penetration testing service, tailored to uncover and seal security gaps, safeguarding your infrastructure from cyber attacks.

        • Web Penetration Testing
        • Fortify your web presence with our specialized web penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats.

        • RAPID DIGITALISATION

        • OTHERS

U.K. Warns of Surge in Ransomware Threats Against Education Sector

U.K. Warns of Surge in Ransomware Threats Against Education Sector

The U.K. National Cyber Security Centre (NCSC), has issued an alert about a surge in ransomware incidents targeting educational institutions, urging them to follow the recently updated recommendations for mitigating malware attacks.

This warning comes after the NCSC investigated in August an increased number of ransomware attacks on schools, colleges, and universities in the country.

A recent study conducted in the UK found that a third of all universities suffered a ransomware attack.

This study did not include a recent DoppelPaymer ransomware attack at Newcastle University, who refused to take part in the initial study.

Targeted weaknesses

Apart from forewarning about ransomware threats, the government organization also provides the common initial infection vectors seen for this type of cyber attack:

  • Insecure Remote Desktop Protocol (RDP) configurations
  • Vulnerabilities in unpatched software and hardware devices, especially equipment on the network edge, such as firewalls and VPNs.
  • Phishing emails

Also Read: How To Make Effective Purchase Order Template Singapore

Once on the network, the attackers seek to move laterally searching for high-value machines to encrypt. Backups, network shares, servers, auditing devices, are all targets.

“While these have been isolated incidents, I would strongly urge all academic institutions to take heed of our alert and put in place the steps we suggest, to help ensure young people are able to return to education undisrupted” – Paul Chichester, Director of Operations at the NCSC

Effective defenses

The NCSC recommends having an incident response plan and implementing a “defence in depth” strategy, providing general tips for disrupting the most common ransomware attack vectors.

Effective vulnerability management and patching procedures, along with properly securing RDP services using multi-factor authentication are at the top of the list of recommendations.

Running updated antivirus software, having proper defenses against phishing, and disabling or setting up restrictions for scripting environments and macros can help thwart a large portion of cyberattacks, not just file-encrypting ones.

Implementing mechanisms for quick data recovery from up-to-date, valid offline backups are also included in the defense strategy against ransomware events.

For more specific action, the organization points to the recently updated guidance aiming to prevent malware attacks and to recover from ransomware incidents.

The spike in cyber attacks since schools all over the world started to resume activity has been noted by private security companies, too.

Kaspersky and Check Point published reports earlier this month about the education sector being a more frequent target since the beginning of the year, more so over the past two months.

In particular, the two cybersecurity companies noticed a surge in distributed denial-of-service attacks, although the threats varied from one region of the world to another.

Also Read: 9 Policies For Security Procedures Examples

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us