Ransomware attack: Is the university at risk?

| Michaela Nesvarova

Do you have good backups of your files? You might want to check. Since its discovery on Friday, the WannaCry ransomware attack has affected over 200,000 people in more than 150 countries.

This massive ransomware attack, which began on Friday afternoon, exploits a security flaw in Windows XP. Once it infects a computer, it encrypts all files and its victims receive a demand for a payment of $300 in Bitcoin in order to regain access. The attack spreads by multiple methods, including phishing emails and as a computer worm.

Campus network protected

Given the large scale of this attack, we wondered if anyone at the University of Twente has been affected by it. ‘Luckily, everyone at the campus network is protected. We have systems that detect these types of attacks,’ says Willem Mulder from the SNT Helpdesk. ‘Based on the information we have, some people at the UT tried to open the attachments containing the ransomware, but it was caught by our system, and so there has been no damage. However, we can only confirm that this is true for the computers on the UT network, not for personal laptops.’

How to stay safe?

‘This particular ransomware takes advantage of the vulnerability of Windows, so it’s advisable to make sure your system is updated. Also, people should pay close attention when using a computer and not click on any attachments in unverified emails,’ warns Professor Hartel from the Services, Cybersecurity and Safety group at the UT. ‘To be safe, the best thing to do is to have good backups – that is the best remedy in this case.’

If you happen to be a victim of WannaCry or another ransomware, should you just pay as the attackers want? ‘The law-enforcement advises to never pay and I agree with that,’ says Prof. Hartel. ‘Because if the crime doesn’t pay up, the criminals will stop. However, if you are in a desperate need of your files, you might naturally think something different.’

Always at risk

According to many experts, another attack of the same type might be imminent. Is the University of Twente at risk? ‘We are always at risk,’ answers Mulder. ‘Although all systems are regularly backed up, there might be an attack for which there are no security measures in place yet.’

‘University has good backups, but we are at risk,’ agrees Prof. Hartel. ‘Even with good backups, it takes hours or even days to rebuild a computer from scratch, which could delay many things, such as payments. In general, don’t open any strange attachments and keep your system up-to-date, which keeps the risks to the minimum.’