In the News:
We live in an age where nearly everything is digital. Cybersecurity is not (nor has it ever only been) just about keeping your computer free from viruses. Our private communication, finances, purchase and browsing history, medical information, and more, are all available in places where those who may be motivated enough can steal it… if we, and those who store our data, don’t take the proper precautions.
October is National Cybersecurity Awareness Month and offers us an opportunity to focus our attention on how we can strengthen our protection against cyber threats and security breaches. Cybersecurity breaches can prove embarrassing to those victimized by them, especially when personal or private information is compromised; they can have dire results such as detriment to finances and even cause loss of life. In September, for the first reported time, someone died as the result of a ransomware cyberattack.
University hospital in Düsseldorf, Germany, was the victim of a ransomware attack that ended in the death of an emergency room patient whose treatment was delayed because the attack blocked access to vital records and forced caregivers to transfer her to a facility unaffected by the attack. While this severe result is not the norm for ransomware attacks, it brings to light the extreme risk involved in this specific type of cyberattack.
Hospitals have been a common target for ransomware due to the high level of data sensitivity they hold and the high level of motivation hospitals have to regain access to that sensitive data. While this may be the first publicized death due to ransomware, it was always a risk that someone might die if hospitals couldn’t access patients’ vital records.
Our Take:
Ransomware often not only holds sensitive information hostage unless the targeted victim pays to regain it but the attack often also includes a threat to publicly release the information (rather than delete it) unless the ransom is paid. This two-fold threat means that backups of sensitive data alone cannot fully protect an organization from a ransomware attack.
This attack is a tragic reminder of why cybersecurity is such a vital aspect of any functioning organization. Each user with access to a network can pose a risk to that network if they unwittingly download malicious files or don’t guard their credentials closely.
Northwestern University counts on its users to act responsibly by protecting their credentials and alerting the University to any suspected malicious activity. Northwestern University is home to the work and research of some of the world’s greatest minds, and the protection of that information is vital.
While cybersecurity is important year-round, it is at the forefront of our minds this month, not only as we participate in National Cybersecurity Awareness Month, but also as the annual kick-off “Secure Northwestern” efforts at Northwestern. Be on the lookout for helpful reminders and advice throughout the year to help keep our community cybersecure!
Recommendations:
- Guard your credentials closely. Never share your username or password with anyone. If you believe someone has access to your password, change it immediately by following Northwestern’s guidelines.
- Think before you trust a platform. Would those messages you send through a website or application prove embarrassing if they were to be shared publicly? Make sure you research the platforms you choose to use, and that you are cautious about the information you provide on them.
- Keep backups of your personal data on removable storage devices whenever possible.
- Keep your devices protected with up to date antivirus software. Northwestern University provides antivirus software free of charge for students, faculty, and staff.
- Learn more about Cybersecurity at Northwestern and read the “Secure Northwestern” newsletter to learn how to connect, protect, and Secure Northwestern.