Recently, ransomware attacks have been on the increase in school districts nationwide and there are no signs of it slowing up. This is happening because school systems typically suffer from a smaller IT staff, older equipment and less-than-optimal cybersecurity expertise. For cyber criminals, schools are becoming the low hanging fruit for theft.
Sure, many districts find it less expensive to pay the ransom for a ransomware attack especially if it’s covered by cyber insurance. Others, may restore the data from valid backups and move on. Neither is a good long term strategy. Eventually, the insurance companies will stop paying or insuring schools and backups will fail mostly, because they cyber criminals are figuring out ways to corrupt backups before they unleash the ransomware.
But, what is not being considered is the public relations nightmare and protecting your students’ confidential information from being sold over the internet thereby causing your students future headaches restoring their reputation. And the possibility of future lawsuits against the districts.
Luckily, there are simple fixes and some of them are not too expensive.
Phishing or malicious emails are the leading cause of ransomware attacks and cyber criminals are becoming very adept with spoofing emails. An email coming from someone pretending to be the superintendent regarding “changes in sick day policies” can be very tempting to open. Staff should also be wary of social media sites and other communication methods like texting, What’s App, etc.
Scan and Filter Email
Using security software to scan all inbound email and filter out known, malicious websites, and files can solve many issues before it arrives at a staff member’s in-box.
Endpoint Data protection
It seems like a no-brainer that teacher shouldn’t have access to the district’s financial data. However, teachers may have access to similar databases as the financial administrative officer. Once a teacher’s desktop has been breached, hackers will wait around to see if they can compromise the financial officer through shared databases.
Back up your data
It’s not a matter of if you’ve been compromise, it is a matter of when. A good backup can ensure that the school’s database are be up and running in a matter of hours instead of days or weeks.
Equipment and software manufacturers release software patches to remove security vulnerabilities often. Although these patches are provide for free and can be automatically installed, they can cause issues with other software and equipment which can be time consuming. It can also be time consuming for IT staff members.
Upgrade old equipment
Upgrading switches and firewalls when they get to their end of life will go a long way in protecting your data. At that point, manufacturers no longer warrantee the equipment and stop providing patches. This can an expensive option. But gear that was built five or ten years ago could not have anticipated the types of cyber-attacks that are happening currently.
Managed Security Service Provider (MSSP)
Hiring an MSSP to keep all of your systems under control can be a very cost effective option when it comes staying secure. Some MSSP can also provide 24 x 7 monitoring at a fraction of the cost of hiring one full-time employee. They can spot impropriaties like your Financial Officer checking bank accounts at 2 a.m. and alert staff. They can also handle the patching systems and fixing discovered vulnerabilities.
Recent studies have shown that cyber-attacks have been a showing up as top source of anxiety for superintendents and administrators. But with proper planning, school administrators may be able to sleep better at night.