Q&A: How Can Duke Stay Safe from Ransomware?

In his role as Duke University Chief Information Security Officer Richard Biever, the campus IT Security Office along with the Duke University Health System Chief Information Security Officer Randy Arvay and the DUHS ISO are tasked with protecting Duke from malicious attacks, including ransomware, a type of cyberattack that can cripple digital infrastructure, disrupt operations and cost millions of dollars.

Ransomware is a strain of malware that threatens to encrypt, publish, corrupt or block data, essentially holding it hostage, until a ransom can be paid. Recently, a ransomware attack forced Howard University to briefly cancel classes. Earlier this year, ransomware forced the Colonial Pipeline to pause operations, causing a gas shortage in much of the southeast. And last year, the IT system of Durham’s city government was paralyzed by a ransomware attack. 

“It’s easy money,” Biever said. “The idea is, why would hackers go after individuals for hundreds of dollars when you can go after bigger targets and get millions?”

Biever and his colleagues in the Duke IT Security Office work hard protecting Duke’s digital systems from malware attacks like ransomware. Ransomware attacks often start with phishing emails. Last month, Duke received roughly 103 million emails, with roughly 69 million messages automatically blocked. However, in the 39 million delivered, there is still a chance that some phishing messages could make it through.

Staff, faculty and students all play a role in security efforts by not falling for and reporting potential phishing attempts that could lead to malware. With Cyber Security Awareness Month in October, Working@Duke talked with Biever to gain an understanding of the threat of ransomware and how community members can defend against it.

What does ransomware do? 

Biever said that, like any type of malware, ransomware can find its way onto a computer when a user opens a compromised file, often…