Howard University Ransomware Attack

The recent ransomware attack on Howard University once again raises the issue that has dominated the past year and a half: ransomware is here to stay. I can write blog article after blog article about it - but it remains true. Ransomware is still an issue, and still a primary concern for institutions across the country. Though we don't yet know all the details of the Howard University attack, we will likely find it comes down to the same problems:

  • An attack vector was utilized, and it got past traditional security layers.
  • An infection occurred, and systems were locked down accordingly.
  • It had time to spread and impact important IT networks, and took down the school's ability to hold hybrid or online versions of classes.

Again and again and again - we see the same issues coming up across multiple industries and sectors. And the attacks just keep ramping up throughout the country. We're seeing huge waves of cyberthreats hitting schools, cities, pipelines, and all forms of companies - and IT professionals are playing catch-up the entire time.

It doesn't have to be like this. But people continue to make the wrong choices and follow the wrong steps toward failure.

Security is moving away from the proactive model that was espoused for the past two decades - and that isn't good. Instead of moving toward a Zero Trust security model, we are seeing IT departments and security engineers pressured to allow more and more exceptions and trusted applications... and inevitably that is leading us to where we are now. We are trusting that software companies and providers are making solid technologies that aren't vulnerable to attack, and that is consistently being proven false.

  • Microsoft vulnerabilities are so frequent we're having to patch zero-day problems almost every other week.
  • RMM technologies like SolarWinds, Kaseya, or ConnectWise
  • Telecommunication providers such as T-Mobile getting hacked, or other infrastructure / utility providers

These problems aren't going to stop unless cybersecurity professionals have frank conversations with their employees and C-suites about the direction of security and how to model it. We need to encourage companies to review their existing security policies and create processes that don't rely fully on automation to prevent threats - we need security processes that account for human error and automation error.

Managed Detection & Response technologies are not just bold strategies for large companies. Even smaller providers should be looking into MDR solutions such as London Security's SecurityGLOVE, and need to find solutions like ours that do not just provide alerts but also provide real action and are able to detain threats before they spread.

Imagine how different the Howard University situation would be if the infected system had simply been shut down before it was capable of spreading malware. Would it be a news story? Would there have been this degree of impact on students and staff? How much money would have been saved from having to defend reputations, public approval, and handle alumni and high-paying donors? Do you want to be the person explaining how they have to spend the entirety of a donation on doing research into a security threat that could have been literally handled... before it was an issue?

This is where London Security can help you. Talk to us. Reach out to our experienced engineers and have us talk to you about the problems going on around the world, and how we can help protect your systems. It can make a huge difference.