SUBJECT:

UC San Diego Response to Research Data Ransomware Incident

Many of you have now heard of the ransomware incident at UC San Francisco (UCSF), in which all research data for a large research lab was encrypted and held for ransom by hackers seeking financial gain. In order to avoid ending the careers of the impacted faculty due to loss of data, UCSF paid a ransom of $1.14M. You can read about the incident here: https://www.bbc.com/news/technology-53214783

The event resulted in the significant disruption of hundreds of faculty research programs and raises questions of data quality and reproducibility for those programs.

In response to this and other such events, we have directed Michael Corn, our Chief Information Security Officer, to build on our existing cybersecurity measures and implement a program to lower the likelihood and minimize the impact of any such event at UC San Diego. While this program will evolve to respond to changing external threats and internal needs, the essential features of the program include a requirement for faculty to certify their adoption of some simple but fundamental cybersecurity practices, educational materials and guidance throughout the program. The program begins implementation in August, 2020 and further announcements will be forthcoming.

In the meantime, important practical guidance for how to make your research data more secure now, as well as information on this new program can be found at http://assure.ucsd.edu.

UC San Diego experiences daily ransomware attacks. With the payment of a ransom at UCSF we anticipate an increase of these attacks. Please review the guidance provided as soon as possible.

If you have any questions about the program, please do not hesitate to contact Mike Corn (mcorn@ucsd.edu).

Sandra A. Brown Vice Chancellor for Research Vince Kellen Chief Information Officer