As one local institution continues to deal with the impacts of a cyberattack, an expert suggests more proactivity is needed.
On Sunday, the University of Winnipeg (UW) discovered it was the victim of a cyberattack, which it said targeted the schoolâs network. The incident saw classes cancelled on Monday, internet downed and, most recently, exams delayed.
Carmi Levy, a technology analyst, said this falls in line with a growing pattern.
âWe almost canât go a day without hearing news of another high-profile attack,â he said, adding that the spur of activity leads other cybercriminals to think âthey can get in on it as well.â
âSo, what weâre witnessing here really is a pile-on experience where they see an opportunity and go for it.â
He said universities are large targets for cybercriminals because of the information and data they hold.
âItâs almost like moths to a flame. And, of course, there are many different systems that universities use to gather and access and manage that data, which gives cybercriminals many entry points in to gain access,â Levy said.
Along with being a public organization that has lots of stakeholders, confusing the digital landscape, he said they are rich grounds for hacking, not to mention usually a little underfunded in the cybersecurity department.
The email you need for the day’s
top news stories from Canada and around the world.
âWe know full well that many public-facing institutions, including governments, universities, health-care institutions, often struggle with cybersecurity because they donât have the money,â he said.
âThey canât hire the people, they canât buy the technology to protect everyone in every situation. So you put all of that together, and itâs almost like an ideal scenario for cybercriminals to target.â
Levy said protection boils down to a needed shift in culture.
âUp until now, (cybersecurity) has not been front and centre when universities and other publicly facing institutions plan their technology investments; itâs often treated as a form of insurance. Nobody wants to talk about it because itâs kind of taboo.â
Plus, there is an element of shame and embarrassment associated with being caught in an attack of this nature, making people quiet down, he said.
âCybercriminals count on us not talking about their attacks,â he said, âbut that only makes it easier for them to execute additional attacks.â
Practically, more training on online red flags is also necessary.
Trending Now
Canadaâs population hits 41M months after breaking 40M threshold
CRA no longer requiring tax return for bare trusts this year
âMany of these attacks are often initiated by an employee clicking on the wrong thing in a phishing or spear-phishing email. And then, of course, that allows the attack to proceed,â Levy said.
The things to watch for are messages asking for a link to be clicked. They may even look like they are from someone familiar.
âAlways hover over the email address and the testing address of messages that come in to you to make sure that it is, in fact, coming from the legitimate source, not someone pretending to be them,â he said.
He noted potential threats are looking more legit as technology, and access to quality technology, advances.
UW said it is âcontinuing to investigate the incident to better understand its impact on the university,â will be holding a town hall with updates soon and is posting updates at uwinnipeg.ca.
It said the academic term has been extended.
Levy said it could take months for the school to bounce back from this.
1:39
Toronto library close to gradual return months after cyberattack
© 2024 Global News, a division of Corus Entertainment Inc.
Â
