Ransomware Attacks On Schools Rising

ransomware attacks on schools

This Thanksgiving, Baltimore students woke up to discover they had a few extra days off when a ransomware attack hit the Baltimore Public School District. What’s more, according to Emsisoft’s report, ransomware attacks on schools grew overall during the third quarter of 2020 by 388%.

This attack is not the first to hit Baltimore’s city; last year, the city was the victim of an attack that ended, costing them around $18 million from the attack’s fallout. Continue reading below to learn more about cyber-attacks on the education sector. 

What Happened?

While officials kept comments on the incident to a minimum, some on social media said that files were encrypted with a [.]ryuk extension leading experts to hypothesize that Ryuk ransomware was involved in the attack. Still, school officials and local authorities aren’t confirming this information or how much data was impacted during the attack.

Teachers and officials are still waiting to hear more about the attack, and many express frustrations at the lack of communication.

Ransomware Attacks on Schools

While you might imagine there should be more profitable targets than schools and related entities, cybercriminals are opportunists by nature. If they think a target has valuable data, they aren’t overly concerned that there is a more significant payout somewhere else. 

Cybercriminals target schools because they usually pay the ransom that they leverage against publishing their stolen data containing students’ and teachers’ personally identifiable information (PII)

Minimizing Risks for Your Organization

Ransomware and malware attacks are continually upping their game for bigger payloads. Education schools and institutions are increasingly the targets of these attacks. It has been so prevalent that the US Cybersecurity Infrastructure and Security Agency put out a warning about the increase in attacks. 

Here are a few ways to help protect your school from ransomware attacks:

Remove Admin Rights From Users

It’s essential to assess which users should have administrative privileges and those that don’t. It should be as simple as that, but it’s best to establish a baseline to determine if there are any forgotten or rogue access credentials on the network.

User Training

Phishing campaigns are often the backdoor to a ransomware attack. The embedded malware compromises the system, often partnering with ransomware gangs to provide access. Besides, untrained users frequently click on infected attachments or links in emails, unaware that they are infecting the entire network. 

Regular Patches and Software Updates

Systems are vulnerable to attack when security patches and software updates aren’t applied regularly. Cybercriminals attempt to access systems based on their vulnerabilities, so it’s essential to protect your network systems with updates. 

Maintain Proper Backups and Test Them

Most organizations know that scheduling regular data backups is to protect them against a primary storage system failure. Still, backups can fail, and to prevent a crisis from happening; it’s essential to have the right strategy in place. 

For example, if files can’t be restored from a backup after a system failure or ransomware attack, it could mean a financial disaster for your organization. This possibility is why testing backups is essential to ensure you are saving your data accurately and wholly. If a test fails, you have time to correct the problem before any loss of data occurs. 

Restrict Access

Controlling user access is an essential part of data security and IT for schools and businesses. Besides, access control is a term that is broad and is used to describe the policies and methods that ensure only verified individuals can virtually or physically get to system files, folders, and resource items that they have permission to access.

Access control means two things at the basic level, authorization and authentication. One determines the user is who they say they are, and the other checks whether the user has the right to access the resources they want to touch. 

Endpoint Security and Auditing

Endpoint security is an increasingly common IT tenet. With more users participating in BYOD (Bring Your Own Device), it is even more concerning. Besides, students and teachers are connecting from home since the beginning of the COVID-19 pandemic for remote learning. 

As ransomware attacks on schools are becoming more common, school networks are incredibly susceptible to penetration. This is due to the number of non-enterprise devices accessing school resources.

Protecting Your School From Ransomware Attacks With Versa

Versa works closely with your school to provide all-inclusive services to help prevent ransomware, phishing, and malware attacks and to restore your systems if needed. We are constantly testing, demoing, and evaluating the latest cybersecurity tools and training systems.

Need to know more? Our staff members are waiting to help you get the answers you need. Contact us today to learn more about Versa and our managed IT support services for schools, colleges and of course businesses.