Ransomware can take many forms - from “file-less” to “click-fraud” to software being deployed on a school’s network. Most recently, criminals are attacking schools by simply looking for a vulnerability on their network and deploying “ransomware as a service” from the Dark Web. We have a tendency to think that ransomware attacks are occurring in real-time; however, the truth is that attackers are often present in the network environment for months or even years before they launch their attack - waiting until the time is right (ex. back-to-school time in K-12 schools). Regardless of what form ransomware takes, it is a serious threat to schools.Schools are becoming increasingly popular targets for ransomware attacks for several reasons:
- Schools are “public-facing” and cannot afford to shut down.
- Schools are increasingly dependent on technology in education and depend on access to Wi-Fi, computers, smartboards, etc. in order to operate.
- Schools are now purchasing cyber insurance to mitigate the risk of attacks.
- School networks are open by nature.
- Schools commonly have older software, fewer resources, and less expertise in dealing with serious cyber attacks such as ransomware attacks.
When hit with a ransomware attack, schools are immediately confronted with the challenge of restoring their data. This can take a lot of work, and money. Even if schools pay the ransom, as requested, there is no guarantee that the decryption key will work - or if it does work, that the data wasn’t inadvertently damaged in the process. If a school district decides to NOT pay the ransom, it can actually end up costing the district MORE money to rebuild and restore their data.
Moral of the story - If you don’t invest upfront in cybersecurity, your district is at significant risk for being the victim of a ransomware attack, which could ultimately cost you more! Traditional methods of protection (ex. Windows Defender) are simply not enough anymore. It can be extremely difficult, if not impossible, to detect newly-created ransomware with outdated software and strategies that are commonly found in schools. time, work, and money. Even if schools pay the ransom, as requested, there is no guarantee that the decryption key will work - or if it does work, that the data wasn’t inadvertently damaged in the process. If a school district decides to NOT pay the ransom, it can actually end up costing the district MORE money to rebuild and restore their data.
Here’s what you can do, however:
- Back-up your data, applications, and application platforms multiple times.
- Make sure that your data back-ups and procedures are robust (if not, restoration can be extremely costly and time-consuming).
- Test your back-ups regularly.
- Develop and implement a strong plan for vulnerability management
- MOST IMPORTANTLY...Invest time training all students, teachers, and administrators on best practices.
If you want to learn more about our solution to best protect your school’s data, read this blog post by Erik Mosier to learn more about our solutions via our partnership with Sophos!