Opening a fake attachment or clicking on a link in a malicious email is an easy point of compromise for a cybercriminal to plant malware. With a new strain of ransomware making its way across Canada, the U.S and Europe, Brock University Information Technology Services is reminding the Brock community to be cautious about opening email attachments and clicking on suspicious links.
The high-risk ransomware, called MegaCortex, is targeting large corporate networks and workstations with huge ransom demands. The cybercriminals behind the ransomware use phishing and malicious email campaigns as an initial point of compromise to then spread larger, more powerful computer viruses.
“This particular threat shows exactly how sophisticated cyberattacks are becoming,” said David Cullum, Associate Vice-President, Information Technology Services. “The MegaCortex malware has been redeveloped to be smarter and to protect itself against security professionals dealing with such an attack. The malware is automated, which means no manual effort is needed from the attacker once it’s planted.”
News about the MegaCortex malware was received from the Ontario Cybersecurity Higher Education Consortium, a division of the Ontario Research and Innovation Optical Network (ORION), which Brock University is part of. The consortium offers cybersecurity guidance, programs and services to the higher education institutions that are part of ORION.
“Brock University is fortunate to be a member of this community,” said Cullum. “We’re able to hear about cyberattacks at other institutions before they hit Brock. The data we collect from others provides us with specific types of active threats, when they’re occurring and where they originated. In return, we share with the consortium any cyber threat data we receive. This sharing of information is critical to how we continue to develop mitigation strategies.”
Students and employees are encouraged to forward any suspicious emails to itsecurity@brocku.ca
Employees interested in learning more about identifying malicious emails and cyberattacks are encouraged to register for a cybersecurity awareness workshop, You are the Target, taking place Wednesday, Sept. 25 from 10 to 10:30 a.m. in the Computer Commons Training Room.
