#1.2839793

USU alerted of increased ransomware targeting

Utah State University received an alert Tuesday from the Federal Bureau of Investigation warning of an increase of ransomware targeting higher education institutions. 

The FBI alert stated that the PYSA ransomware, also known as Mespinoza, is a malware capable of exfiltrating data and encrypting users’ files. The unidentified cyber attackers hold and encrypt the data for ransom payments.  

Eric Hawley, USU’s chief information officer, said students and faculty need to be “internet skeptics.”

“Of course, the best defense is to avoid the exposure to the bug in the first place,” Hawley said. “We still wash hands, even if we have a great immune system. Don’t gain a false sense of confidence. Avoid the bad stuff, even if you have technological protections in place. Recognize and resist phishing and scam attempts.”

Hawley said USU has multiple measures in place to avoid malware. 

“USU now deploys a new form of anti-malware/anti-virus software on university computers that access sensitive information. It is next-generation anti-virus software that utilizes artificial intelligence to detect and block unusual activity, much like a well-functioning human immune system,” he said. 

Hawley said there’s a few things students and faculty can do to prevent ransomware at USU. Be cautious of email links, use multifactor authentication programs like Duo Mobile, never reuse passwords, keep software updated and back up data. 

“USU is a community — it takes all of us,” Hawley said. “Great ‘cybersecurity hygiene’ practiced widely, individually, creates community safety. We each have a responsibility.”

According to the alert, those who have information or have been affected by the attacks should contact the FBI immediately. The FBI does not recommend paying the ransom. 

“Payment does not guarantee files will be recovered,” the alert reads. “It may also embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware and/or fund illicit activities.”

The FBI was first made aware of the PYSA attacks in March 2020. 

In August, the University of Utah was a victim of similar cyber attacks and had to pay $457,000 in ransom. Hawley said failures in attention and ignoring counsel were responsible.