Supply chain attacks like the one that crippled the University of Utah’s payroll and human resources systems this week are becoming more frequent, according to an expert who spoke with KUTV.
Topher Tebow is a senior cybersecurity researcher with Acronis, a data protection company. He says the U of U wasn’t attacked directly, but through a third-party company relied upon to provide payroll and HR services.
“Essentially, software suppliers are being attacked, sometimes with the goal of hitting as many victims at once as possible,” Tebow says. “Sometimes it’s a coincidence that they happen to have gotten this one particular software supplier, and it affects their clients downstream.”
Why does it seem like higher education institutions are being targeted more than ever? Tebow says it’s not our imagination.
“One of the things that really makes universities a strong target for cyber criminals is just the number of people involved,” he says. “Personal data is one of the most profitable for cyber criminals. With a large number of people not wanting their information getting out there, the ransoms can be for a higher amount, potentially. Conversely, that data being sold on the dark web could be worth a pretty penny.”
Tebow says large companies and institutions can pay less by investing upfront in good cybersecurity to prevent a ransomware attack, but there are some things that can be done cheaply or even for free to keep sensitive data safe.
“Everything that’s in the hands of a human is a potential risk,” Tebow says. “It’s really important for that reason to have proper cybersecurity training and to create a culture of cybersecurity in your businesses and organizations, because the human element is always the weakest point.”
In August of 2020, the U of U was also hit by a cyber attack, this one directly, and the university eventually admitted paying more than $450,000 in ransom to restore their systems. Tebow doesn’t recommend that companies give in to ransom demands, but he says sometimes it’s the only option.
“In some cases, perhaps they had no way of restoring the data,” he says. “So paying the ransom was their only option. But anytime you have other options available, it’s not great to fund the criminals.”