Select Page

Ever wondered why security compromises are announced in cryptic yet seemingly positive phrases, especially when it comes to government affairs? “We immediately alerted experts and authorities”, “the incident was isolated and contained”, or our personal favorite: “no personal data was exposed”. Unfortunately, the City of Atlanta was a recent example to make headlines after being served with a menacing ransomware attack identified as SamSam. Follow along as the Arrow Payments team covers the sophisticated hack and demonstrates how the fallout can escalate severely when applied to a university campus.

Don’t skip class before the pop-quiz

What happens when a city’s entire digital ecosystem is besieged by ransomware? For starters, real estate closings are disrupted, residents are unable to pay their water bills, and internal processes are shifted backwards into manual transmission.

But what happens when ransomware strikes a city and it is later discovered that the incident was forewarned and preventable? Besides for being on the receiving end of resounding ‘I told you so’s, the reputational costs begin to add up. In other words, the bare minimum cost of a ransomware attack at any affected organization includes money, time, and hard-earned clout.

Stranger danger

The parasitic nature of the SamSam attack, a specific type of ransomware, adds to the seriousness of the situation. Unlike opportunistic tactics that primarily rely on manipulation, this breed of ransomware spreads across a vulnerable system quickly, and then latches itself upon files with unbreakable encryption. As Atlanta Mayor Keisha L. Bottoms puts it, dealing with such a ransomware attack is like “dealing with a hostage situation”.

Path of least resistance

All institutions are at risk for ransomware attacks, and as we’ve heard before, universities are being singled out. Why? Treasurers and hackers are both well aware of the value of a university’s ecosystem, which encompasses student identities, employee records, donor transaction information, and academic research. What makes matters worse is that higher education is especially vulnerable due to its collaborative culture and siloed departments.

Just last year, the world-renown University College London (UCL) was hit by a crippling “zero-day attack” of ransomware, shutting down student management systems while eliciting the suspension of hospital trust email servers. The news coverage was unforgiving as well, as one BBC article highlighted how the university was previously considered a “centre of excellence in cyber-security research”, yet blamed the incident on phishing emails only to later suggest that “it was more likely to be from contact with a ‘compromised’ website”.

Group take-home test

Ransomware is scary, yes, but we believe that you don’t have to shoulder it alone. Find out how your university can work with us to build P2PE-secure solutions that are PCI-compliant, defending against the most sophisticated of ransomware attacks:

https://arrowpayments.com/spotlight/2018/3/27/the-most-difficult-part-of-being-a-university-treasurer

 

Thought Leadership

Recent Insights

Check out the latest trends and reports from Arrow Payments.

What to Know During the PCI DSS v4.0 Transition

What to Know During the PCI DSS v4.0 Transition

The Payment Card Industry Data Security Standard (PCI DSS) is focused on protecting cardholder data. As fraud and cybercriminals evolve, so must the standards by which organizations secure data, which is why we're in a phase of PCI DSS v4.0 Transition. The aim of the...

Understanding Real-Time Payments for Higher Ed

Understanding Real-Time Payments for Higher Ed

Real-time payments continue to gain momentum in 2022, especially as a new economic environment spurs the need for faster payments. As cross-border payments continue to gain steam, real-time payments show promise to aid those capabilities, too. The focus has long been...

What’s New in Treasury Tech?

What’s New in Treasury Tech?

Treasury departments hold a critical role in driving success for companies. Between financial planning, managing payments, and mitigating future risk, treasury departments must stay apprised of the latest technology developments to manage these responsibilities well. ...

Gain Visibility into Your Higher Education Payment Systems

Find out what’s happening in every department and start building solutions that address fundamental needs.

Start My Discovery