Ransomware targeting higher education
The FBI Cyber Division has issued a flash warning of increased PYSA ransomware activity targeting educational institutions, and shared a list of recommended mitigations to help detect and block PYSA attacks.
Save password-protected copies of system backups offline.
Retain multiple copies of sensitive or proprietary data and servers in a physically separate, secure location such as a hard drive, storage device, or on the cloud.
Practice network segmentation.
Update operating systems, software, firmware and antivirus programs as soon as updates are available.
Use multi-factor authentication.
Use strong and unique passwords.
Disable unused remote access ports.
Use least privilege administrative access.
Secure your Wi-Fi and VPN.
Provide cyber awareness training to staff.
In addition to your normal incident response protocols, please contact CTREmergencyNotification@mass.gov with any incidents or suspected incidents of fraud or cyber attacks, or if you need assistance with Internal Controls.