Based on a recent update from JISC, the sector has seen a significant uptick in major ransomware incidents.
Infosec will set up a briefing in the near future with more detail on these and other recent security events. including the recent Hafnium exploitation of multiple Microsoft Exchange vulnerabilities.
For urgent action
- Understand your internet-facing footprint and reduce or secure it. RDP is a particular target.
- Ensure that Sophos Intercept X is deployed everywhere.
- Prevent lateral movement: make admin passwords complex (16+ characters) and unique.
- Install and configure Microsoft Local Administration Password Solution (LAPS) across Windows domains.
If you have any comments or queries, please contact grc@infosec.ox.ac.uk.
