Ransomware: What Is It and How Does It Happen?

While new cyber threats, like deepfake phishing and MFA bombing, are on the rise, older types of threats remain a big danger. Understanding what these threats are is vital to protecting your personal data and UF’s digital environment.

A particularly damaging threat is ransomware — a type of malware that prevents users from accessing their device and the data stored on it. This is usually done by encrypting the files on that device—it can happen on your smartphone, laptop, or PC. The malware is typically introduced through a traditional social engineering scam like phishing. Ransomware attackers claim that if the user pays some amount of money — a ransom — then the attacker will provide the decryption key needed to restore the data. In reality, the hacker may or may not provide that key…even after the victim pays.

If losing access to your data is not bad enough, ransomware attackers often steal copies of the data before they encrypt it and then threaten to release what they’ve found unless the victim pays the ransom. Think about what it would mean for someone, somewhere, to have your personal photos, emails, and documents stored on your device.  Even if you paid to get them back, a year or more later the ransomware attacker could come back and threaten you again with an extortion demand or just decide to put everything they stole from you on a website.

According to Verizon’s 2024 Data Breach Investigations Report, email is one of the most common methods for attackers to carry out “system intrusion” attacks, like ransomware and extortion. Recognizing the signs of phishing, such as strange email addresses, urgent and unusual requests, and suspicious links, can help protect you from a ransomware attack. Regularly backing up the files on your computer to a cloud or external drive can also be helpful if you fall victim to an attack.

UFIT offers several options for cloud file storage at no cost for faculty, students, and staff through the GatorCloud. To learn more about how to back up your entire computer, with both cloud and local options, visit https://security.ufl.edu/learn-security/protect-my/computer/#backup.

Increasing in Higher Ed: Malware Attacks

Malware attacks against higher education increased by 26% last year. With a reported 191+ million malware attacks in 2022 in the state of Florida alone, cyber-awareness is as important on college campuses as writing skills and advanced math knowledge. Cybercriminals frequently target universities through malware attacks to steal sensitive and restricted data, such as student and employee social security numbers, protected health information, and credit card information. Malware is malicious software or code that steals, encrypts, and/or deletes sensitive information after being introduced to a device through phishing emails, compromised flash drives, fraudulent websites, and peer-2-peer file sharing sites. According to SonicWall, the 10 most common malware file names are:

1. purchase order.exe
2. soa.exe
3. invoice.exe
4. swift copy.exe
5. quotation.exe
6. img-order-confirmation-pdf.exe
7. payment copy.exe
8. ziraat bankasi swift mesaji.exe
9. shipping documents.exe
10. new order.exe

If you receive what you think is a suspicious email or an email with one of these .exe files attached, do NOT open, reply, or click any embedded links or files. Report suspicious emails received in your GatorMail inbox using the phish alert button. Faculty, students, and staff can become better cyber equipped by taking the free training available through the UF Information Security Office.

Two New UFIT Brochures for Campus

UFIT has new brochures on two of our most popular services.

2022 UFIT Help Desk Flyer
Besides updating services and support available, the UF Computing Help Desk flyer also sports a new, alternative name: the UFIT Help Desk. Both names are still correct, but the UFIT Help Desk is a modernized nickname that has become a common reference…so we’ve built the nickname into the 2022 flyer graphics.

2022 HiPerGator Trifold Brochure
The 2022 HiPerGator trifold brochure was developed for use inside the UF Data Center (UFDC). Getting a tour of the UFDC and HiPerGator Room has become a significant component of the research faculty recruiting process. The new trifold brochure gives potential faculty hires, along with state government officials and other constituents visiting the data center, an updated accounting of the compute power, number of cores available, storage, and speed of HiPerGator 3.0 and AI.

When Should You Use UF’s VPN?

The University of Florida’s
Virtual Private Network
(VPN) enables faculty, staff, and students who are off-campus to securely access UF services that are generally only available when connected to the campus network. In layman language, the VPN provides a secure “tunnel” that routes your computer’s network traffic through the UF network. Since the university’s response to COVID-19 began, usage of UF’s VPN has grown significantly. However, it is not always necessary to use the VPN to achieve the goal of secure access. This is because many of the university’s campus-wide services are hosted off-site and accessing via the campus network is not required. Here’s a list of when the UF VPN is — and is not — needed:

Use the VPN to access:
Departmental drives and network files
UF library resources
Remote Desktop
myIRB

Do not use the VPN to access:
myUFL
ONE.UF
University of Florida email systems
UF SharePoint sites
Microsoft Teams
Skype for Business
Zoom
UF e-Learning (Canvas) content
OneDrive
UF DropBox
UFApps

Anyone with questions about how and when to use the UF VPN should contact their local IT staff. The UFIT Help Desk can also answer questions about using the UF VPN.

Save Time with Pre-Assessed “Fast Path Solutions”

UF’s Integrated Risk Management
(IRM) program was created to support the university’s mission of teaching, research, and service by providing faculty and staff with a single point of contact for their digital business tools and solutions needs.

IRM’s foundation is Fast Path Solutions, a comprehensive list of pre-assessed software and computing environments. The Fast Path Solutions are searchable by product name or by software category. Faculty and staff working with non-restricted data may use the Fast Path Solutions without additional review by UF administrative, compliance, and risk management offices.

Several Fast Path Solutions are pre-assessed for use with restricted data, but faculty and staff are still required to register restricted data use to ensure the proper collection, transmittal, processing, and storage of restricted data on campus. Additional review may be required for software and computing environments using restricted data not listed as a Fast Path Solution.

Fast Path Solutions are one of a series of enhancements currently underway to streamline the review of risk and compliance across UF. The IRM team invites you to visit the https://irm.ufl.edu/getting-started/ webpage. Your feedback is also welcome! Please email questions or comments to IRM@ad.ufl.edu or phone the IRM team, 352-294-2589.