Posted by: on June 12, 2020 at 12:00 pm

Image of MSU Spartan logo

What’s the most important thing we can learn from the MSU ransomware attack?

Maybe you heard that Michigan State University got hacked a couple of weeks ago. (We understand if you missed it; there’s a lot of everything going on.)

Maybe you know that it was Netwalker ransomware. Maybe you know that other major colleges also fell prey to this specific attack.

And now, maybe you’re wondering, if MSU could get ransomware, could it happen to me? (Short answer: Unfortunately, yes.)

Maybe you’re also wondering how you can prevent your business from getting ransomware. This is a good instinct. But there’s more to protecting your business than ransomware prevention.

It Doesn’t Matter How MSU Got Ransomware

The plain truth is, it doesn’t matter how MSU got ransomware.

We’re not going to go full doomsday and tell you to just give up, go lie down on the floor with a washcloth over your eyes.

But the unfortunate truth is that you can set up everything exactly right and still get ransomware. It’s rare; protections do work. Precautions like antivirus and antispam email filtering, the right firewall settings, multi-factor authentication, and policies about funds and information sharing all play a huge role in protecting your business computer network.

But tactics change. Hackers adapt quickly. They use anything and everything they can to separate you from your money. The precautions that protect your network today might miss the brand-new thing that pops up tomorrow.

We don’t know how MSU got infected. But, in this case as in most, it’s what happens next that matters.

What MSU Did Right

We’re definitely in armchair quarterback territory here, but from what we can tell, MSU did several things right:

  • They shut down the affected workstations and servers as soon as they detected a problem. This prevents the infection from spreading.
  • They contacted local law enforcement and are working closely with the FBI.
  • They notified those whose personal information was compromised.
  • They refused to pay the ransom, on the advice of the FBI.
  • They had a data backup system already in place and are able to restore their data.

Backups Are Critical

Configuring a backup system for your data is critical to surviving a ransomware attack. All of the other security precautions – antivirus, MFA, firewalls – are preventative. They are designed to stop an attack from happening.

If ransomware gets through, backups are your last line of defense for getting your business back on track. If your files get encrypted and you don’t have another copy somewhere, how do you get the data back? You don’t. You have to recreate it from scratch, go without, or pay the ransom and hope the criminals who attacked you have some sense of right and wrong. (Have fun with that last one.)

We’ve talked a lot about backup systems. Does your business have one? Is it properly safeguarded? Who makes sure that your data backups run? That the data can be restored?

If you’re not sure, make an appointment with TAZ Networks today.

Attributions: Spartan Helmet, By Source, Fair use, via Wikipedia.

Schedule An Appointment

    * Required fields

    Blog Archive