Protect Trinity against cyber attacks
You may have seen in the news that NUI Galway is the subject of an attempted cyber attack. NUI Galway are investigating the incident and as a precautionary measure they have disabled access between their campus network and the Internet, impacting all their students and staff. We are keeping a close watch on the situation in NUI Galway and continue to closely monitor our network, Internet connection and IT systems at Trinity.
This attack follows attacks on two Irish Higher Education Institutions in April and the HSE ransomware attack in May. These attacks are continuing to cause disruption and we all have to continue to be very vigilant to protect the IT systems we use at Trinity for teaching, learning and research, and the important data on these sites.
Ransomware is at the root of these cyber attacks and is an attack that can encrypt files or take copies of the data on anything from an individual PC all the way up to an entire network of IT systems. Ransomware is commonly spread via a simple email message. These are fraudulent phishing emails that will contain either an infected attachment with malware or a link to the scammer’s website.
The cyber criminal is looking for just one of us in Trinity to take an action and click on what looks like an innocent attachment that will, when opened, download malicious software onto their PC that can then encrypt Trinity IT systems across the network. Below we have answered six questions regarding ransomware, phishing and what you need to know to protect us all against these types of cyber attacks.
1. What is ransomware?
Ransomware is a type of malware, where scammers aim to trick their targets into downloading malicious software on their computers in order to encrypt their files or lock them out of their devices. If you fall victim, the scammer demands you to pay a ransom in order to recover your files and/or regain access to your device.
Learn more at: https://www.youtube.com/watch?v=kAfO4Rg2In4
2. What is phishing?
Phishing is a form of online fraud. Scammers use phishing emails to trick you into giving away important information, such as your login details. They can then use these to access your own data, or data that you have access to, putting the entire University at risk.
Learn more at: https://www.tcd.ie/itservices/security/phishing.php
3. How can I identify a phishing email?
It is easy to be alarmed by a phishing email, they are designed to get us to act without question. They may appear to come from a legitimate business that you have previously dealt with or a colleague. Remember to stay cautious, always take your time and consider the validity of the email.
Learn more at: https://www.youtube.com/watch?v=da9Cb6w3b58
4. What should I do if I receive a phishing email?
Please report any email that you believe is phishing to the IT Service Desk (firstname.lastname@example.org/ +353-1-896-2000) and delete it. Treat any email that asks for your username and password with extreme caution.
5. What should I do if I have fallen for a phishing scam?
If you think you have fallen prey to a phishing email, immediately:
- Change your password
- Report the incident to the IT Service Desk (email@example.com / +353-1-896-2000)
6. How can I protect my computer, my data and Trinity IT systems?
- Stay current on software security updates for your devices. To make sure you are up-to-date, you can run a manual installation today. Instructions are available at https://www.tcd.ie/itservices/security/software-updates.php
- Make sure you have McAfee anti-virus software installed on your devices and ensure they are running up-to-date virus definitions. Instructions are available at https://www.tcd.ie/itservices/security/kb/ensecurity.php
- Backup your data, files and devices regularly – this will help you recover the latest version of any lost or damaged data should you fall victim to ransomware. See https://www.tcd.ie/itservices/security/data-backup-file-management.php
- Do not download or open files from unsolicited emails. If you receive an email with attachments that you were not expecting, check with the sender before acting on the email.
- Remain vigilant and report any unusual activity to the IT Service Desk.