The recent Colonial Pipeline ransomware attack has highlighted the increasingly blended nature of cyberattacks, which interrupt not only information systems but also physical infrastructure. Higher education organizations are often the target for these blended threats.
Imagine a university that has been infiltrated by malicious ransomware. In addition to locking up institutional data, it can exploit vulnerable on-campus IoT devices, including heating and cooling systems in residence halls and research buildings—a blended threat.
What we gained from this team effort is far more than what we could do as individual organizations … Collaborating on best practices can only help make us all safer.
Through collaboration and cooperation, the Research and Education Networks Information Sharing and Analysis Center (REN-ISAC) housed at Indiana University is helping universities in the U.S., Canada, and Australia to better prepare for this kind of attack.
Candid conversations about ransomware
In accordance with its mission to serve the higher education and research community through collaborative information sharing and analysis, the REN-ISAC developed theBlended Threat WorkshopSeriesto guide participants through a variety of blended threat scenarios experienced by colleges and universities, such as a controversial speaker (2018) and an on-campus pandemic situation (2019). This year’s scenario focuses on a ransomware threat,impacting physical resources as well as cyber.
The 2021 workshops bring together specialists representing a wide variety of subject areas including institutional leadership, physical security, cybersecurity, emergency management, IT, administration, facilities, legal, and student affairs. The participants this year also represent a wide range of organizations from small community colleges to large research colleges and medical schools.
Andy Jabbour—the founder and managing director of the Gate 15 Company—is a member of the workshop team and a facilitator. “The workshop could not have been timelier,” he said. “We are seeing incident after incident like the Colonial Pipeline attack. So, to hear where organizations are, what they’re doing, and their best practices, our partners have been very candid. They’ve talked about specific decision-making criteria and decisions.It’s just been great to hear the candid conversation from all corners—from Australia to New Zealand to Canada to the U.S.”
Workshop yields best practices document
The candid conversation and collaboration led to information sharing both in and beyond the workshop experience. REN-ISAC developed Ransomware Best Practices, a document containing actionable information and practical insight into the ransomware threat landscape gleaned from the workshops’ rich discussion.
The REN-ISAC is preparing a final report that collects all the best practices, thought-provoking challenges, and actionable responses discussed during the workshop series, which will be released later this summer.
Greg Sawyer, director of the cybersecurity program at the Council of Australasian University Directors of Information Technology (CAUDIT) and host for the 2021 kickoff workshop, praised the workshop for “recognizing the changing threat landscape and the risk implications of technology across higher education. Cybersecurity can’t be progressed by going it alone, and we are stronger addressing the threat landscape together. The workshop provided a safe environment for participants to consider the threat landscape; allow open and respectful insights, ideas, and challenges; and to develop and improve their own preparedness. It was a fantastic session proving cybersecurity can be an international sport where we all work together for the collective good.”
As the 2021 workshop season wraps up, the REN-ISAC is preparing a final report that collects all the best practices, thought-provoking challenges, and actionable responses discussed during the workshop series, which will be released later this summer.
Kim Milford, executive director of REN-ISAC, said, “What we gained from this team effort is far more than what we could do as individual organizations. I’d like to thank all those involved for their tremendous work and spirit of collaboration. I’m sure I speak for the group when I say we hope this effort goes far in mitigating the grave threat of cyberattacks. Collaborating on best practices can only help make us all safer.”