• Office of the Comptroller

Ransomware targeting higher education

The FBI Cyber Division has issued a flash warning of increased PYSA ransomware activity targeting educational institutions, and shared a list of recommended mitigations to help detect and block PYSA attacks.

  • Save password-protected copies of system backups offline.

  • Retain multiple copies of sensitive or proprietary data and servers in a physically separate, secure location such as a hard drive, storage device, or on the cloud.

  • Practice network segmentation.

  • Update operating systems, software, firmware and antivirus programs as soon as updates are available.

  • Use multi-factor authentication.

  • Use strong and unique passwords.

  • Disable unused remote access ports.

  • Use least privilege administrative access.

  • Secure your Wi-Fi and VPN.

  • Provide cyber awareness training to staff.

In addition to your normal incident response protocols, please contact CTREmergencyNotification@mass.gov with any incidents or suspected incidents of fraud or cyber attacks, or if you need assistance with Internal Controls.

24 views0 comments

Recent Posts

See All


William McNamara, Comptroller of the Commonwealth

One Ashburton Place, 9th Floor, Boston MA 02108


For your protection, please do not email personal information (e.g. Social Security Number, Bank Account Number, Passwords).

For assistance, please call us at

(617) 727-5000

  • Twitter
  • Facebook
  • LinkedIn
  • Instagram