As one of many fallouts from the Russian invasion of Ukraine, cybercrime analysts warn that Russia is likely to set its sights on the United States with phishing and ransomware at the forefront of cyberattacks. In response, Keith Werner, University of North Carolina System Office chief information officer, has directed all UNC institutions to be hypervigilant.

More than 90% of successful cyberattacks start with a phishing email, and NC State has already seen an alarming increase in phishing attacks over the last several weeks. If you fall prey to a phishing lure, you could expose yourself and university data to ransomware, where cybercriminals hold your data hostage for a huge financial ransom. 

If you work with university research data in any capacity, this is especially critical!

According to REN-ISAC, “as small communities that hold vast amounts of personal and research data, higher education and research is a prime target for nation-state attacks.”

NC State needs every member of the Pack to report suspected phishing attempts and implement a strong backup strategy immediately as a proactive, pre-emptive measure. Per SECTION 38.13.(a) of the North Carolina Senate Bill 105 / SL 2021-180, the university is not permitted to pay ransoms. So if you follow a bad link and are then held hostage by ransomware, you will have lost your data — putting both you and the Pack possibly in harm’s way. 

If you do fall victim to a cyberattack, report the incident immediately to the NC State Help Desk so it can keep others from falling victim to it.

Prevent Cyberattacks

Here’s what you can do to safeguard yourself against an attack:

• Report any suspicious email activity using the report phishing feature in Gmail.
• Be suspicious not only of emails but also of text messages and Google comments. 
• Remain vigilant and use extreme caution when opening emails or texts from unknown senders, and think twice before opening attachments or clicking URL links. If you receive a message from a known sender but the message seems odd, don’t respond. Instead, contact the sender directly using known, reliable means.
• Be proactive with your local IT support staff:
  • Ask what backup strategies are available to you in the event of data loss.
  • Ask if you need to patch or update any of the systems or devices you use to access university data.
• Create good security questions and answers.
• Use passphrases as strong passwords, and never use one password for more than one account!
• Use a password manager: You can use the university’s enterprise LastPass software to generate a random answer or to store your own answers in a notes section. Generating random answers is the most secure approach. With a password manager, you won’t have to worry about remembering your answers. Note: If you purchase a LastPass Enterprise user license at NC State, you are entitled to a free, personal premium account. 
• Work with your IT support staff to ensure your data is backed up properly and can be recovered in the event of a data loss or compromise. Options for backing up your data include:
  • GoogleDrive
    See Drive Cheat Sheet and Drive Tips.
  • General Storage Services
  • Research Storage Services
  • CrashPlan Cloud service through your IT support staff

Here’s what OIT Security and Compliance has shared with all campus IT Directors:

• OIT S&C is closely monitoring alerts from resources such as REN-ISAC, the Cybersecurity and Infrastructure Security Agency, MS-ISAC, and the Department of Homeland Security and will continue to share relevant information.  
• Make sure your systems and devices have the latest patches and adequate backups.  
• Send questions or request assistance via the NC State IT Service Portal or call 919.515.4357 (HELP). 

For additional information regarding this high alert and how to further protect yourself, see the following:

• Arm against ransomware attacks — NC State OIT 
• Spot phishing attacks — NC State OIT
• Shields Up — CISA
• Ransomware hit 649 critical infrastructure orgs in 2021 — FBI