GHC Information Security and Network Services has received notice from the USG Cybersecurity office of a recent, high-impact ransomware attack at one of our agencies. The incident is still being analyzed, but it is very likely that this malicious software initially infected their network through a phishing message. While Duo helps protect our accounts from unauthorized access from a phishing campaign, simply clicking on a link in an email can still cause ransomware to infect a system. Remember, ransomware is malicious software that encrypts your documents and renders them inaccessible. It is often the case that ransomware leads to irreversible data loss. Always follow the following email safety tips to protect GHC from ransomware:

• Do not open unsolicited attachments or click on unsolicited links in email. This includes systems that intake data from email, such as GHC411.
• If you receive an email that appears to have come from a student or coworker and contains links or attachments that you do not expect, contact them by some other method to verify the authenticity of the message.
• Report suspected phishing campaigns to rt@highlands.edu or infosec@highlands.edu.
• Remember the golden rule of email: When in doubt, throw it out!
• Keep personal devices up-to-date with the latest software and apps to ensure they contain the latest fixes for software vulnerabilities. This is required by the IT Bring Your Own Device Policy and its associated standard.