R Is For Ransomware: Cybersecurity For K-12 Schools

Last year, cyberattacks targeting schools reached record levels. The US Cybersecurity and Infrastructure Security Agency (CISA) reported that they’re becoming increasingly aggressive. K-12 schools were the most common targets. Approximately 57% [1] of ransomware incidents that occurred during July and August of last year involved K-12 schools. Since the beginning of 2021, more than 40 ransomware attacks have ravaged operations within public school districts.

“In recent incidents affecting the education sector, ransomware has led to the loss of student coursework, school financial records, as well as data relating to COVID-19 testing,” stated a recent National Cyber Security Centre alert.

Tens of millions of students, teachers, and administrative staff have witnessed the traumatic effects of ransomware. Student records can sell for as much as $350 [2] on the dark web and can potentially lead to fraud, identity theft, and other unwanted outcomes.

Real-World Hacking Of Schools

According to the Cybersecurity Resource Center, schools experienced an 18% [2] increase in ransomware attacks in 2020 as compared to 2019. A school district in Florida recently suffered a ransomware attack where hackers threatened to release personal information belonging to teachers, staff, and students unless a $40 million [1] ransom was paid. Any K-12 school could run into a similar scenario.

School System Security

Over 1/3 of K-12 [2] support staff state that their districts maintain three or fewer IT specialists. Schools typically lack the human resources and the budgetary resources to maintain adequate security. In turn, this transforms them into targets for hackers.

Many have observed that major conglomerates have millions to spend on cybersecurity. Schools have slim budgets. Educators are asking, “How can schools expect to keep pace?”

Here’s How Schools Can Protect Systems With Internet Security

Protecting school systems is tough, but there are strategies and tactics that can make a huge difference.

  • School district personnel should ensure that systems are backed up in the cloud. While a limited amount of budget is necessary for this, it’s not generally perceived as an expensive procedure. According to the NCSC [3], “Offline backups are the most effective way to recover from a ransomware attack.”
  • Schools can also proactively train teachers to scan emails for cyber threats. Professional training can be immensely helpful in blocking attacks. Looking for ways to refresh professional cybersecurity training? Check out this article.
  • Anti-virus software can help stop breaches before they begin. Anti-malware and anti-phishing technologies can be especially useful. Ensure that your configuration does not allow for credential reuse and that it detects compromised passwords.

More helpful tactics:

  • Systems should be patched in a timely manner. Systems without patches are uniquely vulnerable to attack.
  • Implementing network segmentation can prevent lateral attacker movement.
  • Administrators should monitor privacy settings in programs.
  • Audit logs can enable IT staff to monitor who is in the system, when, and why.
  • Setting up least-privileged access and zero trusts can also pay dividends.
  • School districts may want to consider hiring more cybersecurity staff. The cost could be far less than those involved in cleaning up a cyber attack or paying a ransom.
  • Check systems before weekends and holidays, as attacks are especially likely to occur during these intervals.

The Third-Party App Problem

Cybercriminals are aware of the fact that some school districts maintain adequate or exemplary cybersecurity defenses. In these instances, hackers may attempt to sidestep systems by interrupting a third-party’s ecosystem. They can then use this ecosystem as a vehicle through which to conduct an attack on your system. In addition to creating digital barriers around your own district’s resources, ensure that your institution also monitors the security of third-party app vendors.

If Your School Experiences A Ransomware Attack, Should You Pay The Fees?

As many as 45% of US companies pay cybercriminals for file restoration. However, only 26% [4] of those who handed over the money had their files unlocked. The best means of giving ransomware the run-around is to invest in better security measures and to develop a stronger cybersecurity posture.

Immediate Ransomware Steps

If hit with a ransomware attack, you should turn off the device experiencing the issue and disconnect it from the network. An infected computer can spread the computer virus to other devices attached to the network. Immediately after, call an IT professional, who may or may not need to escalate the case to others within your organization, attorneys, or the FBI. If you’re interested in learning more about the arguments supporting schools’ prioritization of cybersecurity measures, check out this article [5] for more information.

References:

[1] Now ransomware is inundating public school systems

[2] 6 top ways schools can avoid ransomware attacks

[3] Ransomware warning: There’s been another spike in attacks on schools and universities

[4] Breaking news: The reality of ransom payments

[5] 5 REASONS SCHOOLS MUST PRIORITIZE CYBER SECURITY

Go to Source